CVSS: 7.5EPSS: 8%CPEs: 14EXPL: 0CVE-2005-0472 – Gentoo Linux Security Advisory 200503-3
https://notcve.org/view.php?id=CVE-2005-0472
19 Feb 2005 — Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ. Specially crafted SNAC packets sent by other instant-messaging users can cause Gaim to loop endlessly (CVE-2005-0472). Malformed HTML code could lead to invalid memory accesses (CVE-2005-0208 and CVE-2005-0473). Versions less than 1.1.4 are affected. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933 •
CVSS: 6.5EPSS: 18%CPEs: 14EXPL: 0CVE-2005-0473 – Gentoo Linux Security Advisory 200503-3
https://notcve.org/view.php?id=CVE-2005-0473
19 Feb 2005 — The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208. Specially crafted SNAC packets sent by other instant-messaging users can cause Gaim to loop endlessly (CVE-2005-0472). Malformed HTML code could lead to invalid memory accesses (CVE-2005-0208 and CVE-2005-0473). Versions less than 1.1.4 are affected. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000933 •
CVSS: 8.8EPSS: 6%CPEs: 73EXPL: 0CVE-2004-0802 – dsa-552.txt
https://notcve.org/view.php?id=CVE-2004-0802
24 Sep 2004 — Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817. A heap overflow in imlib2 can be utilized by an attacker to execute arbitrary code on the victims machine. • http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/ChangeLog?rev=1.20&view=markup •
CVSS: 9.1EPSS: 3%CPEs: 73EXPL: 0CVE-2004-0817 – dsa-548.txt
https://notcve.org/view.php?id=CVE-2004-0817
17 Sep 2004 — Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file. A heap overflow error in imlib could be abused by an attacker to execute arbitrary code on the vicim's machine. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000870 •
CVSS: 8.8EPSS: 3%CPEs: 73EXPL: 0CVE-2004-0827 – dsa-547.txt
https://notcve.org/view.php?id=CVE-2004-0827
16 Sep 2004 — Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files. SUSE has discovered several buffer overflows in the ImageMagick graphics library. An attacker could create a malicious image or video file in AVI, BMP, or DIB format that could crash the reading process. It might be possible that carefully crafted im... • http://secunia.com/advisories/28800 •
CVSS: 7.0EPSS: 0%CPEs: 29EXPL: 0CVE-2002-0638
https://notcve.org/view.php?id=CVE-2002-0638
12 Aug 2002 — setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh. setpwnam.c en el paquete util-linux, como se incluye en Red Hat Linux 7.3 y antieriores, y en otros sistemas operativos, no bloquea adecuadamente un fichero temporal cuando se mo... • ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-043.0.txt •
CVSS: 10.0EPSS: 1%CPEs: 38EXPL: 1CVE-2002-0083 – OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One
https://notcve.org/view.php?id=CVE-2002-0083
15 Mar 2002 — Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios. • https://www.exploit-db.com/exploits/21314 • CWE-193: Off-by-one Error •
CVSS: 9.1EPSS: 5%CPEs: 16EXPL: 0CVE-2001-1449
https://notcve.org/view.php?id=CVE-2001-1449
28 Nov 2001 — The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories. • http://www.kb.cert.org/vuls/id/913704 •
CVSS: 5.5EPSS: 0%CPEs: 12EXPL: 1CVE-2001-0736 – University of Washington Pico 3.x/4.x - File Overwrite
https://notcve.org/view.php?id=CVE-2001-0736
12 Oct 2001 — Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. • https://www.exploit-db.com/exploits/20493 •
CVSS: 9.1EPSS: 0%CPEs: 15EXPL: 0CVE-2001-1030
https://notcve.org/view.php?id=CVE-2001-1030
18 Jul 2001 — Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such as port scanning. • http://archives.neohapsis.com/archives/bugtraq/2001-07/0362.html •