Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2005-12-31	CVE-2005-3626	Resource Management Errors vulnerability in multiple products Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. network low complexity easy-software-products kde libextractor poppler sgi tetex xpdf conectiva debian gentoo mandrakesoft redhat sco slackware suse trustix turbolinux ubuntu CWE-399	5.0
2005-12-31	CVE-2005-3624	Numeric Errors vulnerability in multiple products The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. network low complexity easy-software-products kde libextractor poppler sgi tetex xpdf conectiva debian gentoo mandrakesoft redhat sco slackware suse trustix turbolinux ubuntu CWE-189	5.0
2005-04-14	CVE-2004-1174	direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles." network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1093	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory." network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1092	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory. network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1091	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference. network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1090	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1009	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2004-12-31	CVE-2004-0802	BMP Image Decoding Buffer Overflow vulnerability in IMLib/IMLib2 Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. network high complexity enlightenment imagemagick sun conectiva mandrakesoft redhat suse turbolinux ubuntu	5.1
1998-11-19	CVE-1999-1288	Samba 1.9.18 inadvertently includes a prototype application, wsmbconf, which is installed with incorrect permissions including the setgid bit, which allows local users to read and write files and possibly gain privileges via bugs in the program. local low complexity samba caldera redhat turbolinux	4.6