CVSS: 5.5EPSS: 9%CPEs: 127EXPL: 1CVE-2005-3626 – Debian Linux Security Advisory 937-1
https://notcve.org/view.php?id=CVE-2005-3626
31 Dec 2005 — Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in libextractor, a library to extract arbitrary meta-data from files, and which can lead to a denial of service by crashing the applicati... • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 71EXPL: 0CVE-2005-1043
https://notcve.org/view.php?id=CVE-2005-1043
12 Apr 2005 — exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. • http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=u •
CVSS: 7.8EPSS: 0%CPEs: 52EXPL: 4CVE-2005-0750 – Linux Kernel 2.4.x/2.6.x - 'Bluez' BlueTooth Signed Buffer Index Privilege Escalation
https://notcve.org/view.php?id=CVE-2005-0750
27 Mar 2005 — The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. The LInux 2.6.8.1 kernel suffers from about a half dozen serious vulnerabilities. • https://www.exploit-db.com/exploits/926 •
CVSS: 7.0EPSS: 0%CPEs: 147EXPL: 6CVE-2004-1235 – Linux Kernel 2.4.x/2.6.x - 'uselib()' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2004-1235
07 Jan 2005 — Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor. Condición de carrera en las llamadas de funciones (1) load_elf_library y (2) binfmt_aout de uselib de los kernel de Linux 2.4 a 2.429-rc2 y 2.6 a 2.6.10 permite a usuarios locales ejecutar código de su elección manipulando el descriptor WMA. • https://packetstorm.news/files/id/35641 •
CVSS: 8.8EPSS: 5%CPEs: 68EXPL: 0CVE-2004-1307
https://notcve.org/view.php?id=CVE-2004-1307
21 Dec 2004 — Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. • http://lists.apple.com/archives/security-announce/2005/May/msg00001.html •
CVSS: 5.5EPSS: 0%CPEs: 104EXPL: 1CVE-2004-1334
https://notcve.org/view.php?id=CVE-2004-1334
15 Dec 2004 — Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow. • http://marc.info/?l=bugtraq&m=110383108211524&w=2 •
CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2004-1025
https://notcve.org/view.php?id=CVE-2004-1025
15 Dec 2004 — Multiple heap-based buffer overflows in imlib 1.9.14 and earlier, which is used by gkrellm and several window managers, allow remote attackers to cause a denial of service (application crash) and execute arbitrary code via certain image files. Múltiples desbordamientos de búfer basados en el montón en imlib 1.9.14 y anteriores, que es usado en gkrellm y varios gestores de ventas, permite a atacantes remotos causar una denegación de servicio (caída de aplicación) y ejecutar código de su elección mediante cie... • http://www.mandriva.com/security/advisories?name=MDKSA-2005:007 •
CVSS: 7.5EPSS: 6%CPEs: 61EXPL: 0CVE-2004-1139 – Ethereal Security Advisory 16
https://notcve.org/view.php?id=CVE-2004-1139
15 Dec 2004 — Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash). Multiple vulnerabilities in Ethereal versions 0.9.0 to 0.10.7 have been discovered that all result in denial of service outcomes. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 •
CVSS: 7.5EPSS: 8%CPEs: 61EXPL: 0CVE-2004-1142 – Ethereal Security Advisory 16
https://notcve.org/view.php?id=CVE-2004-1142
15 Dec 2004 — Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet. Multiple vulnerabilities in Ethereal versions 0.9.0 to 0.10.7 have been discovered that all result in denial of service outcomes. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000916 •
CVSS: 9.1EPSS: 6%CPEs: 61EXPL: 0CVE-2004-1145 – KDE Security Advisory 2004-12-20.1
https://notcve.org/view.php?id=CVE-2004-1145
15 Dec 2004 — Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. KDE Security Advisory: Two flaws in the Konqueror webbrowser make it possible to by pass the sandbox environment which is used to run Java-applets. One flaw allows access to restricted Java classes via JavaSc... • http://marc.info/?l=bugtraq&m=110356286722875&w=2 •