Vulnerabilities > Suse > Critical

DATE CVE VULNERABILITY TITLE RISK
2005-01-27 CVE-2004-0903 Remote Buffer Overflow vulnerability in Mozilla Browser Vcard Handling
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
network
low complexity
mozilla conectiva redhat suse
critical
10.0
2005-01-27 CVE-2004-0902
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.
network
low complexity
mozilla conectiva redhat suse
critical
10.0
2005-01-27 CVE-2004-0889 Integer Overflow vulnerability in Xpdf PDFTOPS
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
10.0
2005-01-27 CVE-2004-0888 Integer Overflow vulnerability in Xpdf PDFTOPS
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
10.0
2005-01-10 CVE-2004-1170
a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.
network
low complexity
gnu sun suse
critical
10.0
2005-01-10 CVE-2004-1154 Remote Integer Overflow vulnerability in Samba Directory Access Control List
Integer overflow in the Samba daemon (smbd) in Samba 2.x and 3.0.x through 3.0.9 allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a Samba request with a large number of security descriptors that triggers a heap-based buffer overflow.
network
low complexity
samba redhat suse trustix
critical
10.0
2005-01-10 CVE-2004-0914 Multiple Unspecified vulnerability in LibXPM
Multiple vulnerabilities in libXpm for 6.8.1 and earlier, as used in XFree86 and other packages, include (1) multiple integer overflows, (2) out-of-bounds memory accesses, (3) directory traversal, (4) shell metacharacter, (5) endless loops, and (6) memory leaks, which could allow remote attackers to obtain sensitive information, cause a denial of service (application crash), or execute arbitrary code via a certain XPM image file.
network
low complexity
lesstif x-org xfree86-project gentoo redhat suse
critical
10.0
2004-08-06 CVE-2004-0461 Buffer Overflow vulnerability in ISC DHCPD VSPRINTF
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overflow vulnerabilities that enable a denial of service (server crash) and possibly execute arbitrary code.
network
low complexity
infoblox isc suse mandrakesoft redhat
critical
10.0
2004-08-06 CVE-2004-0460 Buffer Overflow vulnerability in ISC DHCPD Hostname Options Logging
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DISCOVER, (2) OFFER, (3) REQUEST, (4) ACK, or (5) NAK messages, which can generate a long string when writing to a log file.
network
low complexity
infoblox isc suse mandrakesoft redhat
critical
10.0
2004-05-06 CVE-2004-2004 Unspecified vulnerability in Suse Linux 9.1
The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH.
network
low complexity
suse
critical
10.0