Filtered by vendor Redhat
Subscriptions
Filtered by product Linux
Subscriptions
Total
701 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2002-1401 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2024-08-08 | N/A |
Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow. | ||||
CVE-2002-1395 | 2 Debian, Redhat | 3 Internet Message, Enterprise Linux, Linux | 2024-08-08 | N/A |
Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files via immknmz. | ||||
CVE-2002-1392 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2024-08-08 | N/A |
faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges. | ||||
CVE-2002-1380 | 2 Linux, Redhat | 2 Linux Kernel, Linux | 2024-08-08 | N/A |
Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface. | ||||
CVE-2002-1365 | 2 Fetchmail, Redhat | 3 Fetchmail, Enterprise Linux, Linux | 2024-08-08 | N/A |
Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | ||||
CVE-2002-1398 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2024-08-08 | N/A |
Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input." | ||||
CVE-2002-1377 | 2 Redhat, Vim Development Group | 3 Enterprise Linux, Linux, Vim | 2024-08-08 | N/A |
vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt. | ||||
CVE-2002-1376 | 3 Oracle, Redhat, Symantec Veritas | 6 Mysql, Enterprise Linux, Linux and 3 more | 2024-08-08 | N/A |
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. | ||||
CVE-2002-1396 | 2 Php, Redhat | 2 Php, Linux | 2024-08-08 | N/A |
Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | ||||
CVE-2002-1400 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2024-08-08 | N/A |
Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string. | ||||
CVE-2002-1378 | 2 Openldap, Redhat | 3 Openldap, Enterprise Linux, Linux | 2024-08-08 | N/A |
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. | ||||
CVE-2002-1379 | 2 Openldap, Redhat | 3 Openldap, Enterprise Linux, Linux | 2024-08-08 | N/A |
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. | ||||
CVE-2002-1397 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2024-08-08 | N/A |
Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow. | ||||
CVE-2002-1374 | 3 Oracle, Redhat, Symantec Veritas | 5 Mysql, Enterprise Linux, Linux and 2 more | 2024-08-08 | N/A |
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the first character of the real password. | ||||
CVE-2002-1383 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2024-08-08 | N/A |
Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters, as demonstrated by mksun. | ||||
CVE-2002-1348 | 2 Redhat, W3m | 3 Enterprise Linux, Linux, W3m | 2024-08-08 | N/A |
w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. | ||||
CVE-2002-1375 | 3 Oracle, Redhat, Symantec Veritas | 5 Mysql, Enterprise Linux, Linux and 2 more | 2024-08-08 | N/A |
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response. | ||||
CVE-2002-1369 | 3 Apple, Easy Software Products, Redhat | 3 Mac Os X, Cups, Linux | 2024-08-08 | N/A |
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
CVE-2002-1384 | 3 Easy Software Products, Redhat, Xpdf | 4 Cups, Enterprise Linux, Linux and 1 more | 2024-08-08 | N/A |
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. | ||||
CVE-2002-1391 | 2 Gert Doering, Redhat | 3 Mgetty, Enterprise Linux, Linux | 2024-08-08 | N/A |
Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument. |