Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2005-12-31	CVE-2005-3625	Resource Management Errors vulnerability in multiple products Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." network low complexity easy-software-products kde libextractor poppler sgi tetex xpdf conectiva debian gentoo mandrakesoft redhat sco slackware suse trustix turbolinux ubuntu CWE-399 critical	10.0
2003-10-06	CVE-2003-0694	The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. network low complexity sendmail sgi apple compaq freebsd gentoo hp ibm netbsd sun turbolinux critical	10.0
2000-11-14	CVE-2000-0844	Permissions, Privileges, and Access Controls vulnerability in multiple products Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. network low complexity caldera immunix conectiva sgi debian ibm mandrakesoft redhat slackware sun suse trustix turbolinux CWE-264 critical	10.0