Search Results (Refine Search)
- CPE Product Version: cpe:/o:suse:suse_linux:10.0
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2008-0883 |
acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling. Published: March 05, 2008; 7:44:00 PM -0500 |
V3.x:(not available) V2.0: 3.7 LOW |
CVE-2007-5197 |
Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods. Published: November 02, 2007; 12:46:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2007-2654 |
xfs_fsr in xfsdump creates a .fsr temporary directory with insecure permissions, which allows local users to read or overwrite arbitrary files on xfs filesystems. Published: May 14, 2007; 5:19:00 PM -0400 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2007-0980 |
Unspecified vulnerability in HP Serviceguard for Linux; packaged for SuSE SLES8 and United Linux 1.0 before SG A.11.15.07, SuSE SLES9 and SLES10 before SG A.11.16.10, and Red Hat Enterprise Linux (RHEL) before SG A.11.16.10; allows remote attackers to obtain unauthorized access via unspecified vectors. Published: February 15, 2007; 8:28:00 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2007-0460 |
Multiple buffer overflows in ulogd for SUSE Linux 9.3 up to 10.1, and possibly other distributions, have unknown impact and attack vectors related to "improper string length calculations." Published: January 23, 2007; 8:28:00 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2006-5616 |
Multiple unspecified vulnerabilities in OpenPBS, as used in SUSE Linux 9.2 through 10.1, allow attackers to execute arbitrary code via unspecified vectors. Published: October 30, 2006; 8:07:00 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2006-2658 |
Directory traversal vulnerability in the xsp component in mod_mono in Mono/C# web server, as used in SUSE Open-Enterprise-Server 1 and SUSE Linux 9.2 through 10.0, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an HTTP request. Published: September 12, 2006; 12:07:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2006-0745 |
X.Org server (xorg-server) 1.0.0 and later, X11R6.9.0, and X11R7.0 inadvertently treats the address of the geteuid function as if it is the return value of a call to geteuid, which allows local users to bypass intended restrictions and (1) execute arbitrary code via the -modulepath command line option or (2) overwrite arbitrary files via -logfile. Published: March 20, 2006; 9:06:00 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2006-0646 |
ld in SUSE Linux 9.1 through 10.0, and SLES 9, in certain circumstances when linking binaries, can leave an empty RPATH or RUNPATH, which allows local attackers to execute arbitrary code as other users via by running an ld-linked application from the current directory, which could contain an attacker-controlled library file. Published: February 11, 2006; 6:02:00 AM -0500 |
V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2006-0043 |
Buffer overflow in the realpath function in nfs-server rpc.mountd, as used in SUSE Linux 9.1 through 10.0, allows local users to execute arbitrary code via unspecified vectors involving mount requests and symlinks. Published: January 30, 2006; 9:03:00 PM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2005-3624 |
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-3625 |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2005-3626 |
Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-4772 |
liby2util in Yet another Setup Tool (YaST) in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
CVE-2005-4778 |
The powersave daemon in SUSE Linux 10.0 before 20051007 has an unspecified "configuration problem," which allows local users to suspend the computer and possibly perform certain other unauthorized actions. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |