Filtered by vendor Redhat Subscriptions
Filtered by product Linux Subscriptions
Total 701 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2002-0846 2 Macromedia, Redhat 3 Shockwave Flash, Enterprise Linux, Linux 2024-08-08 N/A
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
CVE-2002-0871 2 Redhat, Xinetd 2 Linux, Xinetd 2024-08-08 N/A
xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.
CVE-2002-0838 4 Ggv, Ghostview, Gv and 1 more 6 Ggv, Ghostview, Gv and 3 more 2024-08-08 N/A
Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScript file, which is processed by an unsafe call to sscanf.
CVE-2002-0835 3 Caldera, Hp, Redhat 6 Openlinux Server, Openlinux Workstation, Secure Os and 3 more 2024-08-08 N/A
Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
CVE-2002-0837 2 Redhat, Wordtrans 2 Linux, Wordtrans-web 2024-08-08 N/A
wordtrans 1.1pre8 and earlier in the wordtrans-web package allows remote attackers to (1) execute arbitrary code or (2) conduct cross-site scripting attacks via certain parameters (possibly "dict") to the wordtrans.php script.
CVE-2002-0834 2 Ethereal Group, Redhat 4 Ethereal, Enterprise Linux, Linux and 1 more 2024-08-08 N/A
Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.
CVE-2002-0836 3 Hp, Mandrakesoft, Redhat 4 Secure Os, Mandrake Linux, Enterprise Linux and 1 more 2024-08-08 N/A
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
CVE-2002-0840 3 Apache, Oracle, Redhat 9 Http Server, Application Server, Database Server and 6 more 2024-08-08 N/A
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web page visitors via the Host: header, a different vulnerability than CAN-2002-1157.
CVE-2002-0855 2 Gnu, Redhat 5 Mailman, Enterprise Linux, Linux and 2 more 2024-08-08 N/A
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.
CVE-2002-0821 2 Ethereal Group, Redhat 4 Ethereal, Enterprise Linux, Linux and 1 more 2024-08-08 N/A
Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector.
CVE-2002-0825 2 Padl Software, Redhat 3 Nss Ldap, Enterprise Linux, Linux 2024-08-08 N/A
Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2002-0728 2 Greg Roelofs, Redhat 3 Libpng, Enterprise Linux, Linux 2024-08-08 N/A
Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk.
CVE-2002-0713 2 Redhat, Squid 3 Enterprise Linux, Linux, Squid 2024-08-08 N/A
Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated.
CVE-2002-0714 2 Redhat, Squid 3 Enterprise Linux, Linux, Squid 2024-08-08 N/A
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses.
CVE-2002-0704 2 Linux, Redhat 2 Linux Kernel, Linux 2024-08-08 7.5 High
The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.
CVE-2002-0715 2 Redhat, Squid 3 Enterprise Linux, Linux, Squid 2024-08-08 N/A
Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password.
CVE-2002-0703 2 Gisle Aas, Redhat 2 Digest-md5, Linux 2024-08-08 N/A
An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data.
CVE-2002-0684 3 Gnu, Isc, Redhat 4 Glibc, Bind, Enterprise Linux and 1 more 2024-08-08 N/A
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by functions such as getnetbyname and getnetbyaddr.
CVE-2002-0659 4 Apple, Openssl, Oracle and 1 more 8 Mac Os X, Openssl, Application Server and 5 more 2024-08-08 N/A
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
CVE-2002-0638 3 Hp, Mandrakesoft, Redhat 6 Secure Os, Mandrake Linux, Mandrake Linux Corporate Server and 3 more 2024-08-08 N/A
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race condition that uses an open file descriptor in utility programs such as chfn and chsh.