Vulnerabilities > Redhat > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-08-29 | CVE-2008-2928 | Buffer Errors vulnerability in Redhat Directory Server 7.1 Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted Accept-Language HTTP header. | 10.0 |
| 2008-08-27 | CVE-2008-3844 | Improper Input Validation vulnerability in Openbsd Openssh Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. | 9.3 |
| 2008-08-14 | CVE-2008-2369 | Use of Hard-coded Credentials vulnerability in Redhat Satellite manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements. | 9.1 |
| 2008-07-21 | CVE-2008-3252 | Buffer Errors vulnerability in Fedora Newsx 1.6 Stack-based buffer overflow in the read_article function in getarticle.c in newsx 1.6 allows remote attackers to execute arbitrary code via a news article containing a large number of lines starting with a period. | 10.0 |
| 2008-06-24 | CVE-2008-2427 | Buffer Errors vulnerability in Pagesperso-Orange GFL Sdk, Nconvert and Xnview Stack-based buffer overflow in NConvert 4.92, GFL SDK 2.82, and XnView 1.93.6 on Windows and 1.70 on Linux and FreeBSD allows user-assisted remote attackers to execute arbitrary code via a crafted format keyword in a Sun TAAC file. | 9.3 |
| 2008-05-16 | CVE-2008-1423 | Numeric Errors vulnerability in Xiph.Org Libvorbis Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its codebook, which triggers a heap overflow. | 9.3 |
| 2008-04-16 | CVE-2008-0892 | Improper Input Validation vulnerability in Redhat Directory Server and Fedora Directory Server The replication monitor CGI script (repl-monitor-cgi.pl) in Red Hat Administration Server, as used by Red Hat Directory Server 8.0 EL4 and EL5, allows remote attackers to execute arbitrary commands. | 9.0 |
| 2008-02-11 | CVE-2008-0668 | Numeric Errors vulnerability in Gnome Gnumeric The excel_read_HLINK function in plugins/excel/ms-excel-read.c in Gnome Office Gnumeric before 1.8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file containing XLS HLINK opcodes, possibly because of an integer signedness error that leads to an integer overflow. | 9.3 |
| 2008-01-08 | CVE-2008-0003 | Buffer Errors vulnerability in Openpegasus Management Server 2.6.1 Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2007-5360. | 10.0 |
| 2007-03-06 | CVE-2007-1282 | Integer Overflow vulnerability in Mozilla Seamonkey and Thunderbird Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line. | 9.3 |