Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2005-04-27	CVE-2005-0085	Cross-Site Scripting vulnerability in Dig Config Parameter Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message. network htdig mandrakesoft redhat suse	6.8
2005-04-14	CVE-2005-1043	exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. network low complexity php sgi conectiva apple peachtree suse	5.0
2005-04-14	CVE-2004-1235	Local Privilege Escalation vulnerability in Linux kernel Uselib() Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. local high complexity avaya linux mandrakesoft redhat suse ubuntu conectiva	6.2
2005-04-14	CVE-2004-1174	direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1093	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1092	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1091	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1090	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1009	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-03-15	CVE-2005-0384	Remote Denial Of Service vulnerability in Linux Kernel PPP Driver Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client. network low complexity redhat suse trustix ubuntu	5.0