Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:redhat:enterprise_linux_workstation:4.0:*:*:*:*:*:*:*
There are 6 matching records.
Displaying matches 1 through 6.
Vuln ID Summary CVSS Severity
CVE-2011-3193

Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.

Published: June 15, 2012; 8:55:03 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-0834

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass certain syscall audit configurations via crafted syscalls, a related issue to CVE-2009-0342 and CVE-2009-0343.

Published: March 06, 2009; 6:30:02 AM -0500
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2008-3272

The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain data to the caller, which allows local users to obtain sensitive information.

Published: August 08, 2008; 2:41:00 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2007-6206

The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might allow local users to obtain sensitive information.

Published: December 03, 2007; 7:46:00 PM -0500
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2007-1349

PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI.

Published: March 29, 2007; 8:19:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2005-1268

Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte.

Published: August 05, 2005; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM