Debian Linux 4.0 ARM Edition
Approved changes feed: RSS · Atom
cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*
part: o version: 4.0 update: *
| Vendor | Debian (4199fb5b-36f6-5ceb-83d5-855460345e36) |
|---|---|
| Product | Debian Linux (fe80e0fa-9f7e-57a5-8616-37d145025527) |
| Edition | arm |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2009-1962 |
vulnerable | 2026-06-03 14:29:38.547743 |
Details available
Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7) xfig-print[PID], (8) xfig-export[PID].err, (9) xfig-batch[PID], (10) xfig-exp[PID], or (11) xfig-spell.[PID] temporary files, where [PID] is a process ID.
Published: 2009-06-06T18:00:00.000Z
Updated: 2024-08-07T05:36:20.195Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-1673 |
vulnerable | 2026-06-03 14:28:41.635497 |
Details available
The asn1 implementation in (a) the Linux kernel 2.4 before 2.4.36.6 and 2.6 before 2.6.25.5, as used in the cifs and ip_nat_snmp_basic modules; and (b) the gxsnmp package; does not properly validate length values during decoding of ASN.1 BER data, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) a length greater than the working buffer, which can lead to an unspecified overflow; (2) an oid length of zero, which can lead to an off-by-one error; or (3) an indefinite length for a primitive encoding.
Published: 2008-06-10T00:00:00.000Z
Updated: 2024-08-07T08:32:01.473Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-1569 |
not_vulnerable | 2026-06-03 14:28:41.292500 |
Details available
policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket.
Published: 2008-03-31T22:00:00.000Z
Updated: 2024-08-07T08:24:42.735Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-0932 |
not_vulnerable | 2026-06-03 14:28:38.480264 |
Details available
diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter.
Published: 2008-02-25T21:00:00.000Z
Updated: 2024-08-07T08:01:40.118Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-0807 |
not_vulnerable | 2026-06-03 14:28:38.082317 |
Details available
lib/Driver/sql.php in Turba 2 (turba2) Contact Manager H3 2.1.x before 2.1.7 and 2.2.x before 2.2-RC3, as used in products such as Horde Groupware before 1.0.4 and Horde Groupware Webmail Edition before 1.0.5, does not properly check access rights, which allows remote authenticated users to modify address data via a modified object_id parameter to edit.php, as demonstrated by modifying a personal address book entry when there is write access to a shared address book.
Published: 2008-02-19T00:00:00.000Z
Updated: 2024-08-07T08:01:38.898Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-0411 |
not_vulnerable | 2026-06-03 14:28:31.900003 |
Details available
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
Published: 2008-02-28T21:00:00.000Z
Updated: 2024-08-07T07:46:54.069Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-0167 |
not_vulnerable | 2026-06-03 14:28:31.293377 |
Details available
The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances.
Published: 2008-05-18T14:00:00.000Z
Updated: 2024-08-07T07:39:34.003Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-0162 |
not_vulnerable | 2026-06-03 14:28:31.283857 |
Details available
misc.c in splitvt 1.6.6 and earlier does not drop group privileges before executing xprop, which allows local users to gain privileges.
Published: 2008-02-22T21:00:00.000Z
Updated: 2024-08-07T07:32:23.903Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-6284 |
vulnerable | 2026-06-03 14:28:29.254800 |
Details available
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
Published: 2008-01-12T02:00:00.000Z
Updated: 2024-08-07T16:02:36.031Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-5827 |
not_vulnerable | 2026-06-03 14:28:27.982735 |
Details available
iSCSI Enterprise Target (iscsitarget) 0.4.15 uses weak permissions for /etc/ietd.conf, which allows local users to obtain passwords.
Published: 2007-11-05T19:00:00.000Z
Updated: 2024-08-07T15:47:00.755Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-5718 |
not_vulnerable | 2026-06-03 14:28:27.698170 |
Details available
vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file.
Published: 2007-10-30T21:00:00.000Z
Updated: 2024-08-07T15:39:13.645Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-5197 |
not_vulnerable | 2026-06-03 14:28:25.122933 |
Details available
Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods.
Published: 2007-11-02T16:00:00.000Z
Updated: 2024-08-07T15:24:42.132Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-5116 |
not_vulnerable | 2026-06-03 14:28:20.125692 |
Details available
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
Published: 2007-11-07T20:00:00.000Z
Updated: 2024-08-07T15:17:28.328Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-3919 |
not_vulnerable | 2026-06-03 14:28:17.501904 |
Details available
(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.
Published: 2007-10-28T16:00:00.000Z
Updated: 2024-08-07T14:37:05.580Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2838 |
not_vulnerable | 2026-06-03 14:28:09.632986 |
Details available
The populate_conns function in src/populate_conns.c in GSAMBAD 0.1.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gsambadtmp temporary file.
Published: 2007-07-03T01:00:00.000Z
Updated: 2024-08-07T13:57:53.350Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2837 |
not_vulnerable | 2026-06-03 14:28:09.629461 |
Details available
The (1) getRule and (2) getChains functions in server/rules.cpp in fireflierd (fireflier-server) in FireFlier 1.1.6 allow local users to overwrite arbitrary files via a symlink attack on the /tmp/fireflier.rules temporary file.
Published: 2007-07-03T18:00:00.000Z
Updated: 2024-08-07T13:57:53.386Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2833 |
vulnerable | 2026-06-03 14:28:09.613595 |
Details available
Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.
Published: 2007-06-21T20:00:00.000Z
Updated: 2024-08-07T13:49:57.659Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2029 |
not_vulnerable | 2026-06-03 14:28:07.334365 |
Details available
File descriptor leak in the PDF handler in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service via a crafted PDF file.
Published: 2007-04-30T22:00:00.000Z
Updated: 2024-08-07T13:23:50.258Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-1665 |
not_vulnerable | 2026-06-03 14:28:06.324056 |
Details available
Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
Published: 2007-06-27T00:00:00.000Z
Updated: 2024-08-07T13:06:26.105Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-1664 |
not_vulnerable | 2026-06-03 14:28:06.323485 |
Details available
ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality.
Published: 2007-06-27T00:00:00.000Z
Updated: 2024-08-07T13:06:25.956Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-1663 |
not_vulnerable | 2026-06-03 14:28:06.317805 |
Details available
Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
Published: 2007-06-27T00:00:00.000Z
Updated: 2024-08-07T13:06:26.082Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-0244 |
not_vulnerable | 2026-06-03 14:27:56.338547 |
Details available
pptpgre.c in PoPToP Point to Point Tunneling Server (pptpd) before 1.3.4 allows remote attackers to cause a denial of service (PPTP connection tear-down) via (1) GRE packets with out-of-order sequence numbers or (2) certain GRE packets that are processed using a wrong pointer and improperly dequeued.
Published: 2007-05-11T03:55:00.000Z
Updated: 2024-08-07T12:12:17.564Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.