Filtered by vendor Redhat
Subscriptions
Filtered by product Enterprise Linux
Subscriptions
Total
13572 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-0782 | 2 Gnome, Redhat | 3 Gdkpixbuf, Gtk, Enterprise Linux | 2024-08-08 | N/A |
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687). | ||||
CVE-2004-0764 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2024-08-08 | N/A |
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files. | ||||
CVE-2004-0754 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2024-08-08 | N/A |
Integer overflow in Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the size variable in Groupware server messages. | ||||
CVE-2004-0750 | 1 Redhat | 2 Enterprise Linux, Enterprise Linux Desktop | 2024-08-08 | N/A |
Unknown vulnerability in redhat-config-nfs before 1.0.13, when shares are exported to multiple hosts, can produce incorrect permissions and prevent the all_squash option from being applied. | ||||
CVE-2004-0757 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2024-08-08 | N/A |
Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code. | ||||
CVE-2004-0759 | 2 Mozilla, Redhat | 2 Mozilla, Enterprise Linux | 2024-08-08 | N/A |
Mozilla before 1.7 allows remote web servers to read arbitrary files via Javascript that sets the value of an <input type="file"> tag. | ||||
CVE-2004-0804 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2024-08-08 | N/A |
Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452. | ||||
CVE-2004-0792 | 2 Andrew Tridgell, Redhat | 2 Rsync, Enterprise Linux | 2024-08-08 | N/A |
Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files. | ||||
CVE-2004-0788 | 2 Gnome, Redhat | 3 Gdkpixbuf, Gtk, Enterprise Linux | 2024-08-08 | N/A |
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file. | ||||
CVE-2004-0748 | 2 Apache, Redhat | 2 Http Server, Enterprise Linux | 2024-08-08 | N/A |
mod_ssl in Apache 2.0.50 and earlier allows remote attackers to cause a denial of service (CPU consumption) by aborting an SSL connection in a way that causes an Apache child process to enter an infinite loop. | ||||
CVE-2004-0784 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2024-08-08 | N/A |
The smiley theme functionality in Gaim before 0.82 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of the tar file that is dragged to the smiley selector. | ||||
CVE-2004-0769 | 2 Mozilla, Redhat | 2 Bugzilla, Enterprise Linux | 2024-08-08 | N/A |
Buffer overflow in LHA allows remote attackers to execute arbitrary code via long pathnames in LHarc format 2 headers for a .LHZ archive, as originally demonstrated using the "x" option but also exploitable through "l" and "v", and fixed in header.c, a different issue than CVE-2004-0771. | ||||
CVE-2004-0807 | 6 Conectiva, Mandrakesoft, Redhat and 3 more | 6 Linux, Mandrake Linux, Enterprise Linux and 3 more | 2024-08-08 | N/A |
Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | ||||
CVE-2004-0808 | 2 Redhat, Samba | 2 Enterprise Linux, Samba | 2024-08-08 | N/A |
The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided. | ||||
CVE-2004-0785 | 2 Redhat, Rob Flynn | 2 Enterprise Linux, Gaim | 2024-08-08 | N/A |
Multiple buffer overflows in Gaim before 0.82 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Rich Text Format (RTF) messages, (2) a long hostname for the local system as obtained from DNS, or (3) a long URL that is not properly handled by the URL decoder. | ||||
CVE-2004-0765 | 2 Mozilla, Redhat | 4 Firefox, Mozilla, Thunderbird and 1 more | 2024-08-08 | N/A |
The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates. | ||||
CVE-2004-0796 | 2 Redhat, Spamassassin | 2 Enterprise Linux, Spamassassin | 2024-08-08 | N/A |
SpamAssassin 2.5x, and 2.6x before 2.64, allows remote attackers to cause a denial of service via certain malformed messages. | ||||
CVE-2004-0751 | 2 Apache, Redhat | 2 Http Server, Enterprise Linux | 2024-08-08 | N/A |
The char_buffer_read function in the mod_ssl module for Apache 2.x, when using reverse proxying to an SSL server, allows remote attackers to cause a denial of service (segmentation fault). | ||||
CVE-2004-0783 | 2 Gnome, Redhat | 3 Gdkpixbuf, Gtk, Enterprise Linux | 2024-08-08 | N/A |
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifier is ONLY for gtk+. It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688). | ||||
CVE-2004-0758 | 2 Mozilla, Redhat | 2 Mozilla, Enterprise Linux | 2024-08-08 | N/A |
Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is treated as invalid. |