High

DATE	CVE	VULNERABILITY TITLE	RISK
2005-05-02	CVE-2005-0337	Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname. network low complexity wietse-venema redhat suse	7.5
2005-05-02	CVE-2005-0005	Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. network low complexity graphicsmagick imagemagick sgi debian gentoo suse	7.5
2005-04-27	CVE-2005-0206	Integer Overflow vulnerability in Xpdf PDFTOPS The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities. network low complexity ascii cstex easy-software-products gnome kde pdftohtml sgi tetex xpdf debian gentoo mandrakesoft redhat suse ubuntu	7.5
2005-04-14	CVE-2004-1176	Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-04-14	CVE-2004-1175	fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-04-14	CVE-2004-1005	Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-04-14	CVE-2004-1004	Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact. network low complexity midnight-commander debian gentoo redhat suse turbolinux	7.5
2005-03-27	CVE-2005-0750	Buffer Index vulnerability in Linux Kernel Bluetooth Signed The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. local low complexity conectiva linux redhat suse ubuntu	7.2
2005-03-02	CVE-2005-0639	Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files. network low complexity xli altlinux suse	7.5
2005-03-02	CVE-2005-0638	xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command. network low complexity xli altlinux suse	7.5