Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
14100 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-1263 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-20 | N/A |
| The elf_core_dump function in binfmt_elf.c for Linux kernel 2.x.x to 2.2.27-rc2, 2.4.x to 2.4.31-pre1, and 2.6.x to 2.6.12-rc4 allows local users to execute arbitrary code via an ELF binary that, in certain conditions involving the create_elf_tables function, causes a negative length argument to pass a signed integer comparison, leading to a buffer overflow. | ||||
| CVE-2005-1262 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2024-11-20 | N/A |
| Gaim 1.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed MSN message. | ||||
| CVE-2005-1261 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2024-11-20 | N/A |
| Stack-based buffer overflow in the URL parsing function in Gaim before 1.3.0 allows remote attackers to execute arbitrary code via an instant message (IM) with a large URL. | ||||
| CVE-2005-1260 | 5 Apple, Bzip, Canonical and 2 more | 5 Mac Os X, Bzip2, Ubuntu Linux and 2 more | 2024-11-20 | N/A |
| bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb"). | ||||
| CVE-2005-1228 | 2 Gnu, Redhat | 2 Gzip, Enterprise Linux | 2024-11-20 | N/A |
| Directory traversal vulnerability in gunzip -N in gzip 1.2.4 through 1.3.5 allows remote attackers to write to arbitrary directories via a .. (dot dot) in the original filename within a compressed file. | ||||
| CVE-2005-1194 | 1 Redhat | 3 Enterprise Linux, Enterprise Linux Desktop, Linux Advanced Workstation | 2024-11-20 | N/A |
| Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287. | ||||
| CVE-2005-1175 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2024-11-20 | N/A |
| Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain valid TCP or UDP request. | ||||
| CVE-2005-1174 | 2 Mit, Redhat | 2 Kerberos 5, Enterprise Linux | 2024-11-20 | N/A |
| MIT Kerberos 5 (krb5) 1.3 through 1.4.1 Key Distribution Center (KDC) allows remote attackers to cause a denial of service (application crash) via a certain valid TCP connection that causes a free of unallocated memory. | ||||
| CVE-2005-1160 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-11-20 | N/A |
| The privileged "chrome" UI code in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to gain privileges by overriding certain properties or methods of DOM nodes, as demonstrated using multiple attacks involving the eval function or the Script object. | ||||
| CVE-2005-1159 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-11-20 | N/A |
| The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code by passing objects of the wrong type. | ||||
| CVE-2005-1158 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2024-11-20 | N/A |
| Multiple "missing security checks" in Firefox before 1.0.3 allow remote attackers to inject arbitrary Javascript into privileged pages using the _search target of the Firefox sidebar. | ||||
| CVE-2005-1157 | 3 Mozilla, Netscape, Redhat | 4 Firefox, Mozilla, Navigator and 1 more | 2024-11-20 | N/A |
| Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to replace existing search plugins with malicious ones using sidebar.addSearchEngine and the same filename as the target engine, which may not be displayed in the GUI, which could then be used to execute malicious script, aka "Firesearching 2." | ||||
| CVE-2005-1156 | 3 Mozilla, Netscape, Redhat | 4 Firefox, Mozilla, Navigator and 1 more | 2024-11-20 | N/A |
| Firefox before 1.0.3, Mozilla Suite before 1.7.7, and Netscape 7.2 allows remote attackers to execute arbitrary script and code via a new search plugin using sidebar.addSearchEngine, aka "Firesearching 1." | ||||
| CVE-2005-1155 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-11-20 | N/A |
| The favicon functionality in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary code via a <LINK rel="icon"> tag with a javascript: URL in the href attribute, aka "Firelinking." | ||||
| CVE-2005-1154 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-11-20 | N/A |
| Firefox before 1.0.3 and Mozilla Suite before 1.7.7 allows remote attackers to execute arbitrary script in other domains via a setter function for a variable in the target domain, which is executed when the user visits that domain, aka "Cross-site scripting through global scope pollution." | ||||
| CVE-2005-1153 | 2 Mozilla, Redhat | 3 Firefox, Mozilla, Enterprise Linux | 2024-11-20 | N/A |
| Firefox before 1.0.3 and Mozilla Suite before 1.7.7, when blocking a popup, allows remote attackers to execute arbitrary code via a javascript: URL that is executed when the user selects the "Show javascript" option. | ||||
| CVE-2005-1111 | 4 Canonical, Debian, Gnu and 1 more | 4 Ubuntu Linux, Debian Linux, Cpio and 1 more | 2024-11-20 | 4.7 Medium |
| Race condition in cpio 2.6 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by cpio after the decompression is complete. | ||||
| CVE-2005-1080 | 2 Redhat, Sun | 5 Enterprise Linux, Network Satellite, Rhel Extras and 2 more | 2024-11-20 | N/A |
| Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file. | ||||
| CVE-2005-1061 | 2 Logwatch, Redhat | 3 Logwatch, Enterprise Linux, Linux Advanced Workstation | 2024-11-20 | N/A |
| The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS." | ||||
| CVE-2005-1046 | 2 Kde, Redhat | 2 Kde, Enterprise Linux | 2024-11-20 | N/A |
| Buffer overflow in the kimgio library for KDE 3.4.0 allows remote attackers to execute arbitrary code via a crafted PCX image file. | ||||