Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:5.10:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-6504 |
Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption. Published: December 19, 2006; 8:28:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-5868 |
Multiple buffer overflows in Imagemagick 6.0 before 6.0.6.2, and 6.2 before 6.2.4.5, has unknown impact and user-assisted attack vectors via a crafted SGI image. Published: November 21, 2006; 8:07:00 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-5779 |
OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure. Published: November 07, 2006; 1:07:00 PM -0500 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2006-5173 |
Linux kernel does not properly save or restore EFLAGS during a context switch, or reset the flags when creating new threads, which allows local users to cause a denial of service (process crash), as demonstrated using a process that sets the Alignment Check flag (EFLAGS 0x40000), which triggers a SIGBUS in other processes that have an unaligned access. Published: October 17, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2006-4997 |
The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference). Published: October 10, 2006; 12:06:00 AM -0400 |
V3.1: 7.5 HIGH V2.0: 7.1 HIGH |
CVE-2006-5158 |
The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock. Published: October 05, 2006; 12:04:00 AM -0400 |
V3.1: 7.5 HIGH V2.0: 3.3 LOW |
CVE-2006-4343 |
The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference. Published: September 28, 2006; 2:07:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2006-4095 |
BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned. Published: September 05, 2006; 8:04:00 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2006-4482 |
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990. Published: August 31, 2006; 5:04:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-4093 |
Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time." Published: August 21, 2006; 5:04:00 PM -0400 |
V3.x:(not available) V2.0: 4.9 MEDIUM |
CVE-2006-3747 |
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before 2.0.59, and 2.2, when RewriteEngine is enabled, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted URLs that are not properly handled using certain rewrite rules. Published: July 28, 2006; 2:02:00 PM -0400 |
V3.x:(not available) V2.0: 7.6 HIGH |
CVE-2006-2935 |
The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow. Published: July 05, 2006; 2:05:00 PM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2006-2661 |
ftutil.c in Freetype before 2.2 allows remote attackers to cause a denial of service (crash) via a crafted font file that triggers a null dereference. Published: May 30, 2006; 3:02:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2006-2275 |
Linux SCTP (lksctp) before 2.6.17 allows remote attackers to cause a denial of service (deadlock) via a large number of small messages to a receiver application that cannot process the messages quickly enough, which leads to "spillover of the receive buffer." Published: May 09, 2006; 4:02:00 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2006-1727 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to gain chrome privileges via multiple attack vectors related to the use of XBL scripts with "Print Preview". Published: April 14, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 7.6 HIGH |
CVE-2006-1728 |
Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.generateCRMFRequest method. Published: April 14, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-1729 |
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file upload control, or (2) changing the type of the input control that is associated with an event handler. Published: April 14, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2006-1741 |
Mozilla Firefox 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to inject arbitrary Javascript into other sites by (1) "using a modal alert to suspend an event handler while a new page is being loaded", (2) using eval(), and using certain variants involving (3) "new Script;" and (4) using window.__proto__ to extend eval, aka "cross-site JavaScript injection". Published: April 14, 2006; 6:02:00 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2005-4807 |
Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2005-4808 |
Buffer overflow in reset_vars in config/tc-crx.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050714 allows user-assisted attackers to have an unknown impact via a crafted .s file. Published: December 31, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.6 HIGH |