CVE-2005-1918 – tar archive path traversal issue
https://notcve.org/view.php?id=CVE-2005-1918
The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/". • ftp://patches.sgi.com/support/free/security/advisories/20060301-01.U.asc http://secunia.com/advisories/18988 http://secunia.com/advisories/19130 http://secunia.com/advisories/19183 http://secunia.com/advisories/20397 http://securitytracker.com/id?1015655 http://support.avaya.com/elmodocs2/security/ASA-2006-110.htm http://www.novell.com/linux/security/advisories/2006_05_sr.html http://www.redhat.com/support/errata/RHSA-2006-0195.html http://www.securityfocus.com/archive/1/4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2005-3626
https://notcve.org/view.php?id=CVE-2005-3626
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-399: Resource Management Errors •
CVE-2005-3625
https://notcve.org/view.php?id=CVE-2005-3625
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-399: Resource Management Errors •
CVE-2005-3624
https://notcve.org/view.php?id=CVE-2005-3624
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-189: Numeric Errors •
CVE-2005-1760
https://notcve.org/view.php?id=CVE-2005-1760
sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges. • http://secunia.com/advisories/15675 http://securitytracker.com/id?1014181 http://www.redhat.com/support/errata/RHSA-2005-502.html http://www.securityfocus.com/bid/13936 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A623 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9522 https://access.redhat.com/security/cve/CVE-2005-1760 https://bugzilla.redhat.com/show_bug.cgi?id=1617664 •