CVSS: 10.0EPSS: 11%CPEs: 127EXPL: 1CVE-2005-3625 – Debian Linux Security Advisory 937-1
https://notcve.org/view.php?id=CVE-2005-3625
31 Dec 2005 — Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in libextractor, a library to extract arbitrary meta-data from f... • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-399: Resource Management Errors •
CVSS: 9.1EPSS: 7%CPEs: 127EXPL: 1CVE-2005-3624 – Debian Linux Security Advisory 937-1
https://notcve.org/view.php?id=CVE-2005-3624
31 Dec 2005 — The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in libextractor, a library to extract arbitrary meta-data from files, and ... • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 9%CPEs: 127EXPL: 1CVE-2005-3626 – Debian Linux Security Advisory 937-1
https://notcve.org/view.php?id=CVE-2005-3626
31 Dec 2005 — Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. infamous41md and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format (PDF) suite, which is also present in libextractor, a library to extract arbitrary meta-data from files, and which can lead to a denial of service by crashing the applicati... • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0CVE-2005-3321
https://notcve.org/view.php?id=CVE-2005-3321
27 Oct 2005 — chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions. • http://secunia.com/advisories/17290 •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-1761
https://notcve.org/view.php?id=CVE-2005-1761
05 Aug 2005 — Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function. Vulnerabilidad desconocida en el kernel de Linux permite que usuarios locales provoquen una denegación de servicio mediante ptrace • http://kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=4ea78729b8dbfc400fe165a57b90a394a7275a54 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-1767 – Ubuntu Security Notice 187-1
https://notcve.org/view.php?id=CVE-2005-1767
05 Aug 2005 — traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception). Vulnerabilidad desconocida en el kernel de Linux 2.6.x y 2.4.x permite que usuarios locales provoquen una denegación de servicio ("stack fault exception") mediante métodos desconocidos. A Denial of Service vulnerability was detected in the stack segment fault handler. A local attacker could exploit this by causing stack fault... • http://kernel.org/git/?p=linux/kernel/git/marcelo/linux-2.4.git%3Ba=commit%3Bh=51e31546a2fc46cb978da2ee0330a6a68f07541e •
CVSS: 7.5EPSS: 1%CPEs: 71EXPL: 0CVE-2005-1043
https://notcve.org/view.php?id=CVE-2005-1043
12 Apr 2005 — exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. • http://cvs.php.net/diff.php/php-src/ext/exif/exif.c?r1=1.118.2.29&r2=1.118.2.30&ty=u •
CVSS: 7.8EPSS: 0%CPEs: 52EXPL: 4CVE-2005-0750 – Linux Kernel 2.4.x/2.6.x - BlueTooth Signed Buffer Index (PoC)
https://notcve.org/view.php?id=CVE-2005-0750
27 Mar 2005 — The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value. The LInux 2.6.8.1 kernel suffers from about a half dozen serious vulnerabilities. • https://www.exploit-db.com/exploits/25287 •
CVSS: 6.2EPSS: 12%CPEs: 11EXPL: 0CVE-2005-0384
https://notcve.org/view.php?id=CVE-2005-0384
15 Mar 2005 — Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client. • http://secunia.com/advisories/20163 •
CVSS: 7.5EPSS: 4%CPEs: 33EXPL: 0CVE-2005-0398 – Gentoo Linux Security Advisory 200503-33
https://notcve.org/view.php?id=CVE-2005-0398
14 Mar 2005 — The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets. Sebastian Krahmer has reported a potential remote Denial of Service vulnerability in the ISAKMP header parsing code of racoon. Versions less than 0.5-r1 are affected. • http://secunia.com/advisories/14584 •