Vulnerabilities > Turbolinux

DATE CVE VULNERABILITY TITLE RISK
2007-04-06 CVE-2007-1352 Local Integer Overflow vulnerability in X.Org LibXFont
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.
3.8
2005-12-31 CVE-2005-3626 Resource Management Errors vulnerability in multiple products
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
5.0
2005-12-31 CVE-2005-3625 Resource Management Errors vulnerability in multiple products
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."
10.0
2005-12-31 CVE-2005-3624 Numeric Errors vulnerability in multiple products
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
5.0
2005-05-02 CVE-2005-0988 Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
local
high complexity
gnu freebsd gentoo redhat trustix turbolinux ubuntu
3.7
2005-04-14 CVE-2004-1176 Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. 7.5
2005-04-14 CVE-2004-1175 fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters. 7.5
2005-04-14 CVE-2004-1174 direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." 5.0
2005-04-14 CVE-2004-1093 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." 5.0
2005-04-14 CVE-2004-1092 Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. 5.0