CVSS: 7.5EPSS: 3%CPEs: 65EXPL: 0CVE-2007-4137 – QT off by one buffer overflow
https://notcve.org/view.php?id=CVE-2007-4137
18 Sep 2007 — Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. Error de superación de límite (off-by-one) en la función QUtf8Decoder::toUnicode de Trolltech Qt3 permite a usuarios locales o remotos (dependiendo del contexto) provocar una denegación de ... • ftp://patches.sgi.com/support/free/security/advisories/20070901-01-P.asc • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-193: Off-by-one Error •
CVSS: 9.8EPSS: 1%CPEs: 56EXPL: 0CVE-2007-1352 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1352
06 Apr 2007 — Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. Desbordamiento de entero en la función FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar código de su elección mediante una primera línea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de montón. • http://issues.foresightlinux.org/browse/FL-223 •
CVSS: 9.8EPSS: 4%CPEs: 52EXPL: 0CVE-2007-0454
https://notcve.org/view.php?id=CVE-2007-0454
06 Feb 2007 — Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping. Una vulnerabilidad de cadena de formato en el módulo VFS afsacl.so en Samba versión 3.0.6 hasta 3.0.23d permite a los atacantes dependiendo del contexto ejecutar código arbitrario por medio de especificadores de cadena de formato en un nomb... • http://osvdb.org/33101 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 2CVE-2006-0745 – X.Org X11 (X11R6.9.0/X11R7.0) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2006-0745
21 Mar 2006 — X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. • https://www.exploit-db.com/exploits/1596 •
CVSS: 9.1EPSS: 7%CPEs: 127EXPL: 1CVE-2005-3624
https://notcve.org/view.php?id=CVE-2005-3624
31 Dec 2005 — The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 11%CPEs: 127EXPL: 1CVE-2005-3625
https://notcve.org/view.php?id=CVE-2005-3625
31 Dec 2005 — Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-399: Resource Management Errors •
CVSS: 5.5EPSS: 9%CPEs: 127EXPL: 1CVE-2005-3626
https://notcve.org/view.php?id=CVE-2005-3626
31 Dec 2005 — Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt • CWE-399: Resource Management Errors •
CVSS: 7.1EPSS: 0%CPEs: 12EXPL: 1CVE-1999-1572
https://notcve.org/view.php?id=CVE-1999-1572
16 Jul 1996 — cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other operating systems, uses a 0 umask when creating files using the -O (archive) or -F options, which creates the files with mode 0666 and allows local users to read or overwrite those files. • http://marc.info/?l=bugtraq&m=110763404701519&w=2 •