GCVE - cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86

Approved changes feed: RSS · Atom

cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*

part: o version: 2007.1 update: *

Vendor	Mandrakesoft (`a8a5c606-4abd-5243-b724-ee5f458a973b`)
Product	Mandrake Linux (`3ee4655e-af5a-585e-8ef9-3aa098e5f6c8`)
Edition	x86_64
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2008-0595`	vulnerable	2026-06-08 04:50:17.217551	Details available dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface. Published: 2008-02-29T19:00:00.000Z Updated: 2024-08-07T07:54:22.705Z Open on db.gcve.eu Reference links http://secunia.com/advisories/29281 http://www.vupen.com/english/advisories/2008/0694 http://www.redhat.com/support/errata/RHSA-2008-0159.html http://lists.opensuse.org/opensuse-updates/2012-10/msg00094.html http://lists.freedesktop.org/archives/dbus/2008-February/009401.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-0411`	not_vulnerable	2026-06-08 04:50:10.973623	Details available Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator. Published: 2008-02-28T21:00:00.000Z Updated: 2024-08-07T07:46:54.069Z Open on db.gcve.eu Reference links http://secunia.com/advisories/29103 http://www.ubuntu.com/usn/usn-599-1 http://www.gentoo.org/security/en/glsa/glsa-200803-14.xml http://secunia.com/advisories/29154 http://secunia.com/advisories/29196	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-0386`	not_vulnerable	2026-06-08 04:50:10.883270	Details available Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email. Published: 2008-02-04T22:00:00.000Z Updated: 2024-08-07T07:46:54.347Z Open on db.gcve.eu Reference links http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-open?view=log http://webcvs.freedesktop.org/portland/portland/xdg-utils/scripts/xdg-email?r1=1.36&r2=1.37 http://secunia.com/advisories/29048 http://security.gentoo.org/glsa/glsa-200801-21.xml http://secunia.com/advisories/28728	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2008-0008`	not_vulnerable	2026-06-08 04:50:09.917299	Details available The pa_drop_root function in PulseAudio 0.9.8, and a certain 0.9.9 build, does not check return values from (1) setresuid, (2) setreuid, (3) setuid, and (4) seteuid calls when attempting to drop privileges, which might allow local users to gain privileges by causing those calls to fail via attacks such as resource exhaustion. Published: 2008-01-28T23:00:00.000Z Updated: 2024-08-07T07:32:23.571Z Open on db.gcve.eu Reference links http://www.mandriva.com/security/advisories?name=MDVSA-2008:027 http://www.securityfocus.com/bid/27449 http://secunia.com/advisories/28623 https://tango.0pointer.de/pipermail/pulseaudio-discuss/2008-January/001228.html http://pulseaudio.org/changeset/2100	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-6284`	vulnerable	2026-06-08 04:50:08.407890	Details available The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences. Published: 2008-01-12T02:00:00.000Z Updated: 2024-08-07T16:02:36.031Z Open on db.gcve.eu Reference links http://secunia.com/advisories/28439 http://security.gentoo.org/glsa/glsa-200801-20.xml http://secunia.com/advisories/28466 http://www.vupen.com/english/advisories/2008/1033/references http://sunsolve.sun.com/search/document.do?assetkey=1-26-103201-1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-5116`	not_vulnerable	2026-06-08 04:49:57.901644	Details available Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression. Published: 2007-11-07T20:00:00.000Z Updated: 2024-08-07T15:17:28.328Z Open on db.gcve.eu Reference links http://secunia.com/advisories/27479 http://www.debian.org/security/2007/dsa-1400 http://marc.info/?l=bugtraq&m=120352263023774&w=2 http://marc.info/?l=bugtraq&m=120352263023774&w=2 http://www.vupen.com/english/advisories/2007/4238	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-4938`	not_vulnerable	2026-06-08 04:49:57.501431	Details available Heap-based buffer overflow in libmpdemux/aviheader.c in MPlayer 1.0rc1 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values, and a certain wLongsPerEntry value. Published: 2007-09-18T19:00:00.000Z Updated: 2024-08-07T15:17:27.081Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/25648 http://securityreason.com/securityalert/3144 https://exchange.xforce.ibmcloud.com/vulnerabilities/36581 http://www.securityfocus.com/archive/1/479222/100/0/threaded http://secunia.com/advisories/27016	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-4137`	not_vulnerable	2026-06-08 04:49:55.778275	Details available Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable. Published: 2007-09-18T19:00:00.000Z Updated: 2024-08-07T14:46:38.696Z Open on db.gcve.eu Reference links http://bugs.gentoo.org/show_bug.cgi?id=192472 http://www.mandriva.com/security/advisories?name=MDKSA-2007:183 http://www.novell.com/linux/security/advisories/2007_19_sr.html http://secunia.com/advisories/26868 http://support.avaya.com/elmodocs2/security/ASA-2007-424.htm	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2007-2833`	not_vulnerable	2026-06-08 04:49:46.244094	Details available Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation. Published: 2007-06-21T20:00:00.000Z Updated: 2024-08-07T13:49:57.659Z Open on db.gcve.eu Reference links http://www.debian.org/security/2007/dsa-1316 http://www.novell.com/linux/security/advisories/2007_19_sr.html http://www.securitytracker.com/id?1018277 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929 http://www.ubuntu.com/usn/usn-504-1	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Mandrakesoft Mandrake Linux 2007.1 X86 64 Edition

PURL mappings

Vulnerability references

Contribute