Vulnerabilities > Suse > Suse Linux > High

DATE CVE VULNERABILITY TITLE RISK
2005-01-27 CVE-2004-0887 Local Privilege Escalation vulnerability in Linux IBM S/390 Kernel SACF Instruction
SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges.
local
low complexity
linux suse
7.2
2005-01-11 CVE-2004-0991 Heap Overflow vulnerability in MPG123 Layer 2 Frame Header
Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files.
network
low complexity
mpg123 suse
7.5
2005-01-10 CVE-2004-1098 Multiple Unspecified vulnerability in Roaring Penguin Software MIMEDefang
MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.
network
low complexity
roaring-penguin mandrakesoft suse
7.5
2005-01-10 CVE-2004-1096 Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. 7.5
2005-01-10 CVE-2004-1072 Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, may create an interpreter name string that is not NULL terminated, which could cause strings longer than PATH_MAX to be used, leading to buffer overflows that allow local users to cause a denial of service (hang) and possibly execute arbitrary code.
local
low complexity
linux redhat suse trustix turbolinux
7.2
2005-01-10 CVE-2004-1071 Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
local
low complexity
linux redhat suse trustix turbolinux
7.2
2005-01-10 CVE-2004-1070 Local Privilege Escalation vulnerability in Linux Kernel BINFMT_ELF Loader
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
local
low complexity
linux redhat suse trustix turbolinux
7.2
2004-12-31 CVE-2004-0817 BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
7.5
2004-12-23 CVE-2004-0867 Permissions, Privileges, and Access Controls vulnerability in multiple products
Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session.
network
low complexity
kde microsoft mozilla suse CWE-264
7.5
2004-12-23 CVE-2004-0803 Buffer Overflow vulnerability in LibTIFF
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
7.5