Vulnerabilities > SCO

DATE CVE VULNERABILITY TITLE RISK
2005-12-31 CVE-2005-3624 Numeric Errors vulnerability in multiple products
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. 		5.0
5.0
2005-12-31 CVE-2005-2934 Local Privilege Escalation vulnerability in SCO Unixware 7.1.3/7.1.4
Unspecified vulnerability in ptrace in SCO UnixWare 7.1.3 and 7.1.4 allows local users to gain privileges via unspecified vectors.
local
low complexity
sco
7.2
7.2
2005-12-14 CVE-2005-3903 Local Buffer Overflow vulnerability in SCO Unixware 7.1.3/7.1.4
Buffer overflow in uidadmin in SCO Unixware 7.1.3 and 7.1.4 allows local users to execute arbitrary code via a -S (scheme) argument that specifies a large file, a different vulnerability than CVE-2001-1063.
local
low complexity
sco
4.6
4.6
2005-10-25 CVE-2005-2927 Local Buffer Overflow vulnerability in SCO Unixware 7.1.3/7.1.4
Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the (1) prompt or (2) defprompt command.
local
low complexity
sco
7.2
7.2
2005-10-25 CVE-2005-2926 Local Buffer Overflow vulnerability in SCO OpenServer Backupsh
Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.
local
low complexity
sco
4.6
4.6
2005-08-03 CVE-2005-2132 Denial of Service vulnerability in SCO UnixWare RPC Portmapper
RPC portmapper (rpcbind) in SCO UnixWare 7.1.1 m5, 7.1.3 mp5, and 7.1.4 mp2 allows remote attackers or local users to cause a denial of service (lack of response) via multiple invalid portmap requests.
local
low complexity
sco
2.1
2.1
2005-05-18 CVE-2005-0134 Unspecified vulnerability in SCO Unixware 7.1.1/7.1.3/7.1.4
The X server in SCO UnixWare 7.1.1, 7.1.3, and 7.1.4 does not properly create socket directories in /tmp, which could allow attackers to hijack local sockets.
local
low complexity
sco
4.6
4.6
2005-05-02 CVE-2005-0993 Local Buffer Overflow vulnerability in SCO OpenServer NWPrint Command Line Argument
Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.
local
low complexity
sco
4.6
4.6
2005-04-07 CVE-2005-0351 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SCO Openserver 5.0.6/5.0.7
Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.
local
low complexity
sco CWE-119
4.6
4.6
2005-03-05 CVE-2005-0109 Information Disclosure vulnerability in Multiple Vendor Hyper-Threading Technology
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. 		4.7
4.7