MandrakeSoft Mandrake Corporate Server 3.0

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.

Published: 2008-02-28T21:00:00.000Z
Updated: 2024-08-07T07:46:54.069Z

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

Published: 2008-01-12T02:00:00.000Z
Updated: 2024-08-07T16:02:36.031Z

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.

Published: 2007-11-07T20:00:00.000Z
Updated: 2024-08-07T15:17:28.328Z

Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error in the QUtf8Codec::convertToUnicode function, but it is not exploitable.

Published: 2007-09-18T19:00:00.000Z
Updated: 2024-08-07T14:46:38.696Z

Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.

Published: 2007-06-21T20:00:00.000Z
Updated: 2024-08-07T13:49:57.659Z

Integer overflow in the FontFileInitTable function in X.Org libXfont before 20070403 allows remote authenticated users to execute arbitrary code via a long first line in the fonts.dir file, which results in a heap overflow.

Published: 2007-04-06T01:00:00.000Z
Updated: 2024-08-07T12:50:35.267Z

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

Published: 2007-04-06T01:00:00.000Z
Updated: 2024-08-07T12:50:35.134Z

Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping.

Published: 2007-02-06T02:00:00.000Z
Updated: 2024-08-07T12:19:30.137Z

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

Published: 2006-01-06T22:00:00.000Z
Updated: 2024-08-07T23:17:23.446Z

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

Published: 2006-01-06T22:00:00.000Z
Updated: 2024-08-07T23:17:23.366Z

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

Published: 2006-01-06T22:00:00.000Z
Updated: 2024-08-07T23:17:23.457Z

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

Published: 2005-03-04T05:00:00.000Z
Updated: 2024-08-07T21:21:06.249Z

The HTML parsing functions in Gaim before 1.1.3 allow remote attackers to cause a denial of service (application crash) via malformed HTML that causes "an invalid memory access," a different vulnerability than CVE-2005-0208.

Published: 2005-02-19T05:00:00.000Z
Updated: 2024-08-07T21:13:54.250Z

Gaim before 1.1.3 allows remote attackers to cause a denial of service (infinite loop) via malformed SNAC packets from (1) AIM or (2) ICQ.

Published: 2005-02-19T05:00:00.000Z
Updated: 2024-08-07T21:13:54.256Z

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

Published: 2005-02-15T05:00:00.000Z
Updated: 2024-08-07T21:05:25.397Z

Cross-site scripting (XSS) vulnerability in ht://dig (htdig) before 3.1.6-r7 allows remote attackers to execute arbitrary web script or HTML via the config parameter, which is not properly sanitized before it is displayed in an error message.

Published: 2005-02-15T05:00:00.000Z
Updated: 2024-08-07T20:57:40.999Z

Buffer overflow in playmidi before 2.4 allows local users to execute arbitrary code.

Published: 2005-01-22T05:00:00.000Z
Updated: 2024-08-07T20:57:40.894Z

The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.

Published: 2005-01-20T05:00:00.000Z
Updated: 2024-08-07T20:57:40.741Z

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.

Published: 2005-05-04T04:00:00.000Z
Updated: 2024-08-08T00:46:12.284Z

Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

Published: 2005-01-20T05:00:00.000Z
Updated: 2024-08-08T00:46:12.034Z