Suse: >> Suse Linux >> 9.2 Security Vulnerabilities
exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.
CVSS Score
5.0
EPSS Score
0.012
Published
2005-04-14
Unknown vulnerability in the PPP driver for the Linux kernel 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) via a pppd client.
CVSS Score
5.0
EPSS Score
0.128
Published
2005-03-15
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
CVSS Score
5.0
EPSS Score
0.041
Published
2005-03-14
Buffer overflow in wpa_supplicant before 0.2.7 allows remote attackers to cause a denial of service (segmentation fault) via invalid EAPOL-Key packet data.
CVSS Score
5.0
EPSS Score
0.012
Published
2005-03-14
scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.
CVSS Score
7.5
EPSS Score
0.032
Published
2005-03-02
xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.
CVSS Score
7.5
EPSS Score
0.028
Published
2005-03-02
Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.
CVSS Score
7.5
EPSS Score
0.02
Published
2005-03-02
Integer overflow in GD Graphics Library libgd 2.0.28 (libgd2), and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow in the gdImageCreateFromPngCtx function, a different set of vulnerabilities than CVE-2004-0941.
CVSS Score
10.0
EPSS Score
0.367
Published
2005-03-01
Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
CVSS Score
7.5
EPSS Score
0.132
Published
2005-02-09
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
CVSS Score
7.8
EPSS Score
0.042
Published
2005-02-09