This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor: Sgi    First view: 2004-07-07
Product: Propack    Last view: 2005-05-02
Version: 3.0    Type: Application
Update: *
Edition: *
Language: *
Software Edition: *
Target Software: *
Target Hardware: *
Other: *
 
CPE Product cpe:2.3:a:sgi:propack

Activity : Overall

Related : CVE

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2005-05-02 CVE-2005-0005

Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers.

7.5 2005-04-27 CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

5 2005-04-14 CVE-2005-1043

exif.c in PHP before 4.3.11 allows remote attackers to cause a denial of service (memory consumption and crash) via an EXIF header with a large IFD nesting level, which causes significant stack recursion.

5 2005-03-23 CVE-2005-0761

Unknown vulnerability in ImageMagick before 6.1.8 allows remote attackers to cause a denial of service (application crash) via a crafted PSD file.

5 2005-03-23 CVE-2005-0759

ImageMagick before 6.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image with an invalid tag.

5 2005-03-14 CVE-2005-0398

The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.

7.5 2005-03-02 CVE-2005-0605

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

2.1 2005-02-07 CVE-2005-0156

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree.

4.6 2005-01-21 CVE-2004-1184

The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.

7.1 2004-12-31 CVE-2004-1471

Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.

7.5 2004-12-21 CVE-2004-1307

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.

5 2004-12-15 CVE-2004-1145

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.

5 2004-12-15 CVE-2004-1142

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

5 2004-12-15 CVE-2004-1139

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

5 2004-10-18 CVE-2004-1613

Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.

10 2004-08-18 CVE-2004-0523

Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.

10 2004-08-18 CVE-2004-0521

SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.

6.8 2004-08-18 CVE-2004-0520

Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.

6.8 2004-08-18 CVE-2004-0519

Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.

10 2004-08-18 CVE-2004-0507

Buffer overflow in the MMSE dissector for Ethereal 0.10.1 to 0.10.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

5 2004-08-18 CVE-2004-0506

The SPNEGO dissector in Ethereal 0.9.8 to 0.10.3 allows remote attackers to cause a denial of service (crash) via unknown attack vectors that cause a null pointer dereference.

5 2004-08-18 CVE-2004-0505

The AIM dissector in Ethereal 0.10.3 allows remote attackers to cause a denial of service (assert error) via unknown attack vectors.

5 2004-08-18 CVE-2004-0504

Ethereal 0.10.3 allows remote attackers to cause a denial of service (crash) via certain SIP messages between Hotsip servers and clients.

6.4 2004-08-18 CVE-2004-0235

Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").

10 2004-08-18 CVE-2004-0234

Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.

CWE : Common Weakness Enumeration

% id Name
100% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

Open Source Vulnerability Database (OSVDB)

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id Description
16894 Xpdf Integer Overflow Patch 64 Bit Architecture Failure
15727 CVS Wrapper Line Format String
15630 PHP EXIF Header Large IFD Nesting Level DoS
15382 Mozilla Multiple Malformed HTML Tag Null Dereference DoS
15113 ImageMagick PSD File DoS
15111 ImageMagick TIFF Invalid Tag DoS
14776 IPsec-Tools racoon Daemon ISAKMP Header Parsing Remote DoS
14373 libXpm XPM Image GetImagePixels() / PutImagePixels() Overflow
13452 Perl PERLIO_DEBUG Local Overflow
13154 GNU Enscript EPSF Pipe Support Arbitrary Command Execution
13028 ImageMagick PSD Image Decoding Module Overflow
12556 LibTIFF STRIPOFFSETS Flag TIFFFetchStripThing() Function Overflow
12512 KDE Konqueror Restricted Class Access Java Sandbox Bypass
12383 Ethereal Malformed SMB Packet DoS
12380 Ethereal DICOM Dissector DoS
8292 SquirrelMail mailbox_display.php Multiple Parameter XSS
8291 SquirrelMail read_body.php Multiple Parameter XSS
6939 Ethereal MMSE Dissector Overflow
6938 Ethereal SPNEGO Dissector DoS
6937 Ethereal AIM Dissector DoS
6936 Ethereal SIP Message DoS
6846 MIT Kerberos 5 krb5_aname_to_localname() Buffer Overflow
6841 SquirrelMail abook_database.php SQL Injection
6836 CVS CVSROOT Configuration File Empty Line Underflow
6835 CVS serve_notify Out-of-Bounds Arbitrary Code Execution

ExploitDB Exploits

id Description
24067 LHA 1.x Buffer Overflow/Directory Traversal Vulnerabilities

OpenVAS Exploits

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2010-05-12 Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2010-02-03 Name : Solaris Update for CDE 1.6 119280-22
File : nvt/gb_solaris_119280_22.nasl
2010-02-03 Name : Solaris Update for Runtime library for Solaris 10 119281-22
File : nvt/gb_solaris_119281_22.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5021688.nasl
2009-10-10 Name : SLES9: Security update for ethereal
File : nvt/sles9p5010966.nasl
2009-10-10 Name : SLES9: Security update for enscript
File : nvt/sles9p5011436.nasl
2009-10-10 Name : SLES9: Security update for kdelibs3
File : nvt/sles9p5011912.nasl
2009-10-10 Name : SLES9: Security update for Perl
File : nvt/sles9p5013510.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5015816.nasl
2009-10-10 Name : SLES9: Security update for XFree86-libs
File : nvt/sles9p5016773.nasl
2009-10-10 Name : SLES9: Security update for ethereal
File : nvt/sles9p5016846.nasl
2009-10-10 Name : SLES9: Security update for ethereal
File : nvt/sles9p5019431.nasl
2009-10-10 Name : SLES9: Security update for PHP4
File : nvt/sles9p5021505.nasl
2009-06-03 Name : Solaris Update for sdtimage 114220-11
File : nvt/gb_solaris_114220_11.nasl
2009-06-03 Name : Solaris Update for CDE 1.5 114219-11
File : nvt/gb_solaris_114219_11.nasl
2009-06-03 Name : Solaris Update for sdtimage 109932-10
File : nvt/gb_solaris_109932_10.nasl
2009-06-03 Name : Solaris Update for CDE 1.4 109931-10
File : nvt/gb_solaris_109931_10.nasl
2009-03-06 Name : RedHat Update for cups RHSA-2008:0206-01
File : nvt/gb_RHSA-2008_0206-01_cups.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos3 i386
File : nvt/gb_CESA-2008_0206_cups_centos3_i386.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos4 x86_64
File : nvt/gb_CESA-2008_0206_cups_centos4_x86_64.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos4 i386
File : nvt/gb_CESA-2008_0206_cups_centos4_i386.nasl
2009-02-27 Name : CentOS Update for cups CESA-2008:0206 centos3 x86_64
File : nvt/gb_CESA-2008_0206_cups_centos3_x86_64.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200405-05 (utempter)
File : nvt/glsa_200405_05.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200503-15 (X.org)
File : nvt/glsa_200503_15.nasl

Snort® IPS/IDS

Date Description
2014-01-10 CVS Max-dotdot integer overflow attempt
RuleID : 2583-community - Type : SERVER-OTHER - Revision : 9
2014-01-10 CVS Max-dotdot integer overflow attempt
RuleID : 2583 - Type : SERVER-OTHER - Revision : 9
2014-01-10 CVS Argumentx command double free attempt
RuleID : 15971 - Type : SERVER-OTHER - Revision : 5
2014-01-10 F-Secure Anti-Virus LHA processing buffer overflow attempt
RuleID : 15966 - Type : FILE-OTHER - Revision : 9

Nessus® Vulnerability Scanner

This CPE has more than 25 relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-01-19 Name: The remote Solaris system is missing a security patch for third-party software.
File: solaris11_perl-58_20131015.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO
2010-01-10 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0261.nasl - Type: ACT_GATHER_INFO
2010-01-10 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0524.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9867.nasl - Type: ACT_GATHER_INFO
2009-05-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_10_5_7.nasl - Type: ACT_GATHER_INFO
2009-05-13 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_SecUpd2009-002.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_74d06b67d2cf11d8b47902e0185c0b53.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_a2ffb6279c5311d893660020ed76ef5a.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_c5519420cec211d88898000d6111a684.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_d2102505f03d11d881b0000347a4fa7d.nasl - Type: ACT_GATHER_INFO
2008-04-04 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2008-04-04 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2007-01-08 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-406.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 112536-06
File: solaris7_112536.nasl - Type: ACT_GATHER_INFO
2006-11-06 Name: The remote host is missing Sun Security Patch number 112537-06
File: solaris7_x86_112537.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-198.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-021.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-331.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-405.nasl - Type: ACT_GATHER_INFO