Vulnerabilities > Suse > Suse Linux > 1.0

DATE CVE VULNERABILITY TITLE RISK
2007-11-02 CVE-2007-5197 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mono
Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods.
network
low complexity
suse debian opensuse mono CWE-119
7.5
2007-05-14 CVE-2007-2654 Race Condition vulnerability in multiple products
xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems.
4.4
2007-01-24 CVE-2007-0460 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Suse Linux
Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations."
network
low complexity
suse CWE-119
critical
10.0
2006-01-31 CVE-2006-0043 Remote Buffer Overflow vulnerability in NFS-SERVER
Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks.
local
low complexity
suse
4.6
2005-12-31 CVE-2005-4772 Unspecified vulnerability in Suse products
liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013.
network
low complexity
suse
6.4
2005-12-31 CVE-2005-3626 Resource Management Errors vulnerability in multiple products
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
5.0
2005-12-31 CVE-2005-3625 Resource Management Errors vulnerability in multiple products
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
10.0
2005-12-31 CVE-2005-3624 Numeric Errors vulnerability in multiple products
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
5.0
2005-06-09 CVE-2005-1763 Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.
local
low complexity
novell suse
7.2
2005-05-02 CVE-2005-0207 Local NFS I/O Denial of Service vulnerability in Linux Kernel
Unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x allows NFS clients to cause a denial of service via O_DIRECT.
local
low complexity
conectiva linux redhat suse
2.1