Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13573 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2005-1174 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2024-08-07 | N/A |
MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory. | ||||
CVE-2005-1194 | 1 Redhat | 3 Enterprise Linux, Enterprise Linux Desktop, Linux Advanced Workstation | 2024-08-07 | N/A |
Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287. | ||||
CVE-2005-1160 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-08-07 | N/A |
The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object. | ||||
CVE-2005-1228 | 2 Gnu, Redhat | 2 Gzip, Enterprise Linux | 2024-08-07 | N/A |
Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file. | ||||
CVE-2005-1175 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2024-08-07 | N/A |
Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request. | ||||
CVE-2005-1158 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2024-08-07 | N/A |
Multiple "missing security checks" in Firefox before 1.0.3 allow remote attackers to inject arbitrary Javascript into privileged pages using the _search target of the Firefox sidebar. | ||||
CVE-2005-1159 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-08-07 | N/A |
The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type. | ||||
CVE-2005-1155 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-08-07 | N/A |
The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary code via a <LINK rel="icon"> tag with a javascript: URL in the href attribute, aka "Firelinking." | ||||
CVE-2005-1157 | 3 Mozilla, Netscape, Redhat | 4 Firefox, Mozilla, Navigator and 1 more | 2024-08-07 | N/A |
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute malicious script, aka "Firesearching 2." | ||||
CVE-2005-1153 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-08-07 | N/A |
Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option. | ||||
CVE-2005-1156 | 3 Mozilla, Netscape, Redhat | 4 Firefox, Mozilla, Navigator and 1 more | 2024-08-07 | N/A |
Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1." | ||||
CVE-2005-1154 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-08-07 | N/A |
Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution." | ||||
CVE-2005-1111 | 4 Canonical, Debian, Gnu and 1 more | 4 Ubuntu Linux, Debian Linux, Cpio and 1 more | 2024-08-07 | 4.7 Medium |
Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. | ||||
CVE-2005-1080 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2024-08-07 | N/A |
Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file. | ||||
CVE-2005-1061 | 2 Logwatch, Redhat | 3 Logwatch, Enterprise Linux, Linux Advanced Workstation | 2024-08-07 | N/A |
The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS." | ||||
CVE-2005-0988 | 7 Freebsd, Gentoo, Gnu and 4 more | 13 Freebsd, Linux, Gzip and 10 more | 2024-08-07 | N/A |
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete. | ||||
CVE-2005-1046 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2024-08-07 | N/A |
Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file. | ||||
CVE-2005-0989 | 3 Mozilla, Netscape, Redhat | 4 Firefox, Mozilla, Navigator and 1 more | 2024-08-07 | N/A |
The find_replen function in jsstr.c in the Javascript engine for Mozilla Suite 1.7.6, Firefox 1.0.1 and 1.0.2, and Netscape 7.2 allows remote attackers to read portions of heap memory in a Javascript string via the lambda replace method. | ||||
CVE-2005-1041 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-08-07 | N/A |
The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route. | ||||
CVE-2005-1043 | 7 Apple, Conectiva, Peachtree and 4 more | 8 Mac Os X, Mac Os X Server, Linux and 5 more | 2024-08-07 | N/A |
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion. |