Vulnerabilities > Redhat > Enterprise Linux > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-01-10 | CVE-2004-1014 | Remote Denial Of Service vulnerability in Linux NFS RPC.STATD statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated. | 5.0 |
2005-01-10 | CVE-2004-0949 | Remote vulnerability in Linux Kernel SMBFS The smb_recv_trans2 function call in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 does not properly handle the re-assembly of fragmented packets correctly, which could allow remote samba servers to (1) read arbitrary kernel information or (2) raise a counter value to an arbitrary number by sending the first part of the fragmented packet multiple times. | 6.4 |
2005-01-10 | CVE-2004-0883 | Remote vulnerability in Linux Kernel SMBFS Multiple vulnerabilities in the samba filesystem (smbfs) in Linux kernel 2.4 and 2.6 allow remote samba servers to cause a denial of service (crash) or gain sensitive information from kernel memory via a samba server (1) returning more data than requested to the smb_proc_read function, (2) returning a data offset from outside the samba packet to the smb_proc_readX function, (3) sending a certain TRANS2 fragmented packet to the smb_receive_trans2 function, (4) sending a samba packet with a certain header size to the smb_proc_readX_data function, or (5) sending a certain packet based offset for the data in a packet to the smb_receive_trans2 function. | 6.4 |
2004-12-31 | CVE-2004-0802 | BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2 Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. network high complexity enlightenment imagemagick sun conectiva mandrakesoft redhat suse turbolinux ubuntu | 5.1 |
2004-12-23 | CVE-2004-0685 | Information Disclosure vulnerability in Linux Kernel USB Driver Uninitialized Structure Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage. | 4.6 |
2004-12-15 | CVE-2004-1145 | Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. | 5.0 |
2004-11-23 | CVE-2004-0081 | OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | 5.0 |
2004-10-18 | CVE-2004-1613 | Memory Corruption vulnerability in Mozilla Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme. | 5.0 |
2004-09-14 | CVE-2004-0905 | Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain. | 4.6 |
2004-04-15 | CVE-2004-0111 | Bitmap Handling Denial Of Service vulnerability in GdkPixbuf gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file. | 5.0 |