Vulnerabilities > Suse > Suse Linux > 8.1

DATE CVE VULNERABILITY TITLE RISK
2004-12-31 CVE-2004-0817 BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
7.5
2004-12-31 CVE-2004-0802 BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
5.1
2004-12-23 CVE-2004-0867 Permissions, Privileges, and Access Controls vulnerability in multiple products
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
network
low complexity
kde microsoft mozilla suse CWE-264
7.5
2004-12-23 CVE-2004-0803 Buffer Overflow vulnerability in LibTIFF
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
7.5
2004-12-15 CVE-2004-1145 Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. 5.0
2004-12-06 CVE-2004-0626 The tcp_find_option function of the netfilter subsystem in Linux kernel 2.6, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type.
network
low complexity
conectiva gentoo linux suse
5.0
2004-12-06 CVE-2004-0497 Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4. 2.1
2004-10-20 CVE-2004-0746 Konqueror in KDE 3.2.3 and earlier allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk and .firm.in, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
network
low complexity
kde gentoo mandrakesoft suse
7.5
2004-10-20 CVE-2004-0688 Remote Buffer Overflow vulnerability in libXpm Image Decoding
Multiple integer overflows in (1) the xpmParseColors function in parse.c, (2) XpmCreateImageFromXpmImage, (3) CreateXImage, (4) ParsePixels, and (5) ParseAndPutPixels for libXpm before 6.8.1 may allow remote attackers to execute arbitrary code via a malformed XPM image file.
network
low complexity
x-org xfree86-project openbsd suse
7.5
2004-10-07 CVE-2005-0373 Remote And Local vulnerability in Cyrus SASL
Buffer overflow in digestmd5.c CVS release 1.170 (also referred to as digestmda5.c), as used in the DIGEST-MD5 SASL plugin for Cyrus-SASL but not in any official releases, allows remote attackers to execute arbitrary code.
network
low complexity
cyrus openpkg suse conectiva apple redhat
7.5