Page 16 of 106 results (0.011 seconds)

CVSS: 5.0EPSS: 0%CPEs: 127EXPL: 1

CVE-2005-3626

https://notcve.org/view.php?id=CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-399: Resource Management Errors •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

CVE-2005-3629

https://notcve.org/view.php?id=CVE-2005-3629

initscripts in Red Hat Enterprise Linux 4 does not properly handle certain environment variables when /sbin/service is executed, which allows local users with sudo permissions for /sbin/service to gain root privileges via unknown vectors. • ftp://patches.sgi.com/support/free/security/advisories/20060401-01-U http://secunia.com/advisories/19162 http://secunia.com/advisories/19532 http://securitytracker.com/id?1015732 http://www.redhat.com/support/errata/RHSA-2006-0015.html http://www.redhat.com/support/errata/RHSA-2006-0016.html http://www.securityfocus.com/bid/17038 https://exchange.xforce.ibmcloud.com/vulnerabilities/25374 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11198 https: •

CVSS: 10.0EPSS: 0%CPEs: 127EXPL: 1

CVE-2005-3625

https://notcve.org/view.php?id=CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-399: Resource Management Errors •

CVSS: 5.0EPSS: 1%CPEs: 127EXPL: 1

CVE-2005-3624

https://notcve.org/view.php?id=CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-189: Numeric Errors •

CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0

CVE-2005-3631

https://notcve.org/view.php?id=CVE-2005-3631

udev does not properly set permissions on certain files in /dev/input, which allows local users to obtain sensitive data that is entered at the console, such as user passwords. • http://secunia.com/advisories/18193 http://securitytracker.com/id?1015386 http://www.redhat.com/support/errata/RHSA-2005-864.html http://www.securityfocus.com/bid/15994 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10854 https://access.redhat.com/security/cve/CVE-2005-3631 https://bugzilla.redhat.com/show_bug.cgi?id=1617832 • CWE-264: Permissions, Privileges, and Access Controls •