Vulnerabilities > Redhat > Linux Advanced Workstation

DATE CVE VULNERABILITY TITLE RISK
2008-05-23 CVE-2008-1767 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Redhat products
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that triggers a large number of steps.
network
low complexity
redhat CWE-119
7.5
2008-05-16 CVE-2008-1423 Numeric Errors vulnerability in Xiph.Org Libvorbis
Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow.
network
redhat xiph-org CWE-189
critical
9.3
2008-05-16 CVE-2008-1420 Numeric Errors vulnerability in Xiph.Org Libvorbis
Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.
6.8
2008-05-16 CVE-2008-1419 Improper Input Validation vulnerability in Xiph.Org Libvorbis
Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.
4.3
2007-11-07 CVE-2007-5116 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
7.5
2007-10-11 CVE-2007-5365 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
local
low complexity
debian openbsd redhat sun ubuntu CWE-119
7.2
2007-05-02 CVE-2007-1859 Improper Authentication vulnerability in Xscreensaver 4.10
XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authentication.
local
low complexity
redhat xscreensaver CWE-287
4.6
2007-04-06 CVE-2007-1352 Local Integer Overflow vulnerability in X.Org LibXFont
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
3.8
2007-04-06 CVE-2007-1351 Numeric Errors vulnerability in multiple products
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
8.5
2006-12-07 CVE-2006-6235 A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory.
network
low complexity
gnu gpg4win redhat rpath slackware ubuntu
critical
10.0