Redhat: >> Enterprise Linux Desktop >> 3.0 Security Vulnerabilities
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
CVSS Score
4.6
EPSS Score
0.057
Published
2004-09-14
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
CVSS Score
5.0
EPSS Score
0.025
Published
2004-08-18
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
CVSS Score
10.0
EPSS Score
0.445
Published
2004-08-06
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
CVSS Score
4.9
EPSS Score
0.004
Published
2002-12-31
Page 9