Vulnerabilities > Suse > Suse Linux

DATE CVE VULNERABILITY TITLE RISK
2005-04-27 CVE-2005-0085 Cross-Site Scripting vulnerability in Dig Config Parameter
Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.
6.8
2005-04-14 CVE-2005-1043 exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
network
low complexity
php sgi conectiva apple peachtree suse
5.0
2005-04-14 CVE-2004-1237 Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.
local
low complexity
linux redhat suse
2.1
2005-04-14 CVE-2004-1235 Local Privilege Escalation vulnerability in Linux kernel Uselib()
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
6.2
2005-04-14 CVE-2004-1176 Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. 7.5
2005-04-14 CVE-2004-1175 fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. 7.5
2005-04-14 CVE-2004-1174 direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." 5.0
2005-04-14 CVE-2004-1093 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." 5.0
2005-04-14 CVE-2004-1092 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. 5.0
2005-04-14 CVE-2004-1091 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. 5.0