CVSS: 4.9EPSS: 0%CPEs: 4EXPL: 0CVE-2007-2030
https://notcve.org/view.php?id=CVE-2007-2030
lharc.c in lha does not securely create temporary files, which might allow local users to read or write files by creating a file before LHA is invoked. lharc.c en lha no crea archivos temporales de forma segura, lo cual podría permitir a usuarios locales leer o escribir archivos creando un archivo antes de que LHA sea invocado. • http://osvdb.org/37049 http://secunia.com/advisories/25519 http://www.mandriva.com/security/advisories?name=MDKSA-2007:117 http://www.securityfocus.com/bid/24336 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=236585 https://exchange.xforce.ibmcloud.com/vulnerabilities/34063 •
CVSS: 3.8EPSS: 2%CPEs: 56EXPL: 0CVE-2007-1352 – Multiple font integer overflows (CVE-2007-1352)
https://notcve.org/view.php?id=CVE-2007-1352
Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow. Desbordamiento de entero en la función FontFileInitTable en X.Org libXfont versiones anteriores a 20070403 permite a usuarios remotos autenticados ejecutar código de su elección mediante una primera línea larga en el fichero fonts.dir, lo cual resulta en un desbordamiento de montón. • http://issues.foresightlinux.org/browse/FL-223 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=502 http://lists.apple.com/archives/Security-announce/2007/Nov/msg00003.html http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.freedesktop.org/archives/xorg-announce/2007-April/000286.html http://rhn.redhat.com/errata/RHSA-2007-0125.html http://secunia.com/advisories/24741 http://secunia.com/advisories/24745 http://secunia.com/advisories/ •
CVSS: 10.0EPSS: 5%CPEs: 32EXPL: 0CVE-2006-6235
https://notcve.org/view.php?id=CVE-2006-6235
A "stack overwrite" vulnerability in GnuPG (gpg) 1.x before 1.4.6, 2.x before 2.0.2, and 1.9.0 through 1.9.95 allows attackers to execute arbitrary code via crafted OpenPGP packets that cause GnuPG to dereference a function pointer from deallocated stack memory. Una vulnerabilidad de "escritura en pila" en GnuPG (gpg) 1.x anterior a la 1.4.6, 2.x anterior a la 2.0.2 y 1.9.0 hasta la 1.9.95 permite a atacantes ejecutar código de su elección mediante paquetes OpenPGP artesanales que provocan que GnuPG haga referencia a un puntero a función que está en memoria (en la pila) que ya ha sido liberada. • ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html http://lists.suse.com/archive/suse-security-announce/2006-Dec/0004.html http://secunia.com/advisories/23245 http://secunia.com/advisories/23250 http://secunia.com/advisories/23255 http://secunia.com/advisories/23259 http://secunia.com/advisories/23269 http://secunia.com/advisories/23284 http://secunia.com/advisories/23290 http://secunia. •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2006-5170
https://notcve.org/view.php?id=CVE-2006-5170
pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver. pam_ldap en nss_ldap sobre Red Hat Enterprise Linux 4, Fedora Core 3 y anteriores, y posiblemente otras distribuciones no devuelven una condición de error cuando un servidor de directorio LDAP responde con una respuesta de control PasswordPolicyResponse, lo cual provoca que la función pam_authenticate devuelva código correcto aunque haya fallado, según lo divulgado originalmente para el xscreensaver. • http://bugzilla.padl.com/show_bug.cgi?id=291 http://rhn.redhat.com/errata/RHSA-2006-0719.html http://secunia.com/advisories/22682 http://secunia.com/advisories/22685 http://secunia.com/advisories/22694 http://secunia.com/advisories/22696 http://secunia.com/advisories/22869 http://secunia.com/advisories/23132 http://secunia.com/advisories/23428 http://security.gentoo.org/glsa/glsa-200612-19.xml http://securitytracker.com/id?1017153 http://www.debian.org/security/2006 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 5.0EPSS: 1%CPEs: 127EXPL: 1CVE-2005-3624
https://notcve.org/view.php?id=CVE-2005-3624
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt ftp://patches.sgi.com/support/free/security/advisories/20051201-01-U ftp://patches.sgi.com/support/free/security/advisories/20060101-01-U ftp://patches.sgi.com/support/free/security/advisories/20060201-01-U http://lists.suse.com/archive/suse-security-announce/2006-Jan/0001.html http://rhn.redhat.com/errata/RHSA-2006-0177.html http://scary.beasts.org/security/CESA-2005-003.txt http://secunia.com/ • CWE-189: Numeric Errors •