Vulnerabilities (CVE)

Filtered by vendor Redhat Subscribe
Filtered by product Linux Advanced Workstation
Total 71 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-0434 4 Adobe, Mandrakesoft, Redhat and 1 more 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more 2025-04-03 7.5 HIGH N/A
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
CVE-2004-0827 9 Conectiva, Enlightenment, Imagemagick and 6 more 14 Linux, Imlib, Imlib2 and 11 more 2025-04-03 7.5 HIGH N/A
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
CVE-2004-1071 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2025-04-03 7.2 HIGH N/A
The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.
CVE-2004-0105 3 Metamail Corporation, Redhat, Sgi 4 Metamail, Enterprise Linux, Linux Advanced Workstation and 1 more 2025-04-03 7.5 HIGH N/A
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
CVE-2004-1074 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2025-04-03 2.1 LOW N/A
The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.
CVE-2003-0549 2 Gnome, Redhat 4 Gdm, Enterprise Linux, Kdebase and 1 more 2025-04-03 5.0 MEDIUM N/A
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name.
CVE-2004-1174 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2025-04-03 5.0 MEDIUM N/A
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
CVE-2004-1090 6 Debian, Gentoo, Midnight Commander and 3 more 8 Debian Linux, Linux, Midnight Commander and 5 more 2025-04-03 5.0 MEDIUM N/A
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."
CVE-2004-0904 4 Conectiva, Mozilla, Netscape and 1 more 10 Linux, Firefox, Mozilla and 7 more 2025-04-03 10.0 HIGH N/A
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
CVE-2005-3624 18 Conectiva, Debian, Easy Software Products and 15 more 33 Linux, Debian Linux, Cups and 30 more 2025-04-03 5.0 MEDIUM N/A
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
CVE-2004-0633 4 Ethereal Group, Gentoo, Mandrakesoft and 1 more 5 Ethereal, Linux, Mandrake Linux and 2 more 2025-04-03 5.0 MEDIUM N/A
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
CVE-2003-0699 1 Redhat 2 Enterprise Linux, Linux Advanced Workstation 2025-04-03 7.5 HIGH N/A
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700.
CVE-2004-0882 4 Conectiva, Redhat, Samba and 1 more 7 Linux, Enterprise Linux, Enterprise Linux Desktop and 4 more 2025-04-03 10.0 HIGH N/A
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
CVE-2004-0889 11 Debian, Easy Software Products, Gentoo and 8 more 16 Debian Linux, Cups, Linux and 13 more 2025-04-03 10.0 HIGH N/A
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
CVE-2004-0903 4 Conectiva, Mozilla, Redhat and 1 more 9 Linux, Mozilla, Thunderbird and 6 more 2025-04-03 10.0 HIGH N/A
Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.
CVE-2003-0548 2 Gnome, Redhat 4 Gdm, Enterprise Linux, Kdebase and 1 more 2025-04-03 5.0 MEDIUM N/A
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.
CVE-2004-0905 5 Conectiva, Mozilla, Netscape and 2 more 10 Linux, Firefox, Mozilla and 7 more 2025-04-03 4.6 MEDIUM N/A
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
CVE-2005-0667 5 Altlinux, Gentoo, Redhat and 2 more 7 Alt Linux, Linux, Enterprise Linux and 4 more 2025-04-03 5.1 MEDIUM N/A
Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
CVE-2004-1070 5 Linux, Redhat, Suse and 2 more 8 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 5 more 2025-04-03 7.2 HIGH N/A
The load_elf_binary function in the binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly check return values from calls to the kernel_read function, which may allow local users to modify sensitive memory in a setuid program and execute arbitrary code.
CVE-2004-0902 4 Conectiva, Mozilla, Redhat and 1 more 9 Linux, Mozilla, Thunderbird and 6 more 2025-04-03 10.0 HIGH N/A
Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.