This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2002-12-31
Product Linux Advanced Workstation Last view 2007-04-05
Version 2.1 Type Os
Update *  
Edition ia64  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:redhat:linux_advanced_workstation

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.5 2007-04-05 CVE-2007-1351

Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.

5 2005-12-31 CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10 2005-12-31 CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

5 2005-12-31 CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

2.6 2005-12-31 CVE-2005-1918

The original patch for a GNU tar directory traversal vulnerability (CVE-2002-0399) in Red Hat Enterprise Linux 3 and 2.1 uses an "incorrect optimization" that allows user-assisted attackers to overwrite arbitrary files via a crafted tar file, probably involving "/../" sequences with a leading "/".

7.5 2005-06-13 CVE-2005-1760

sysreport 1.3.15 and earlier includes contents of the up2date file in a report, which leaks the password for a proxy server in plaintext and allows local users to gain privileges.

4.6 2005-05-04 CVE-2005-1194

Stack-based buffer overflow in the ieee_putascii function for nasm 0.98 and earlier allows attackers to execute arbitrary code via a crafted asm file, a different vulnerability than CVE-2004-1287.

3.7 2005-05-02 CVE-2005-0988

Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.

7.5 2005-04-27 CVE-2005-0206

The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.

7.5 2005-04-14 CVE-2004-1176

Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

7.5 2005-04-14 CVE-2004-1175

fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.

5 2005-04-14 CVE-2004-1174

direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."

5 2005-04-14 CVE-2004-1093

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."

5 2005-04-14 CVE-2004-1092

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.

5 2005-04-14 CVE-2004-1091

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.

5 2005-04-14 CVE-2004-1090

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."

5 2005-04-14 CVE-2004-1009

Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors.

7.5 2005-04-14 CVE-2004-1005

Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

7.5 2005-04-14 CVE-2004-1004

Multiple format string vulnerabilities in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.

7.5 2005-03-08 CVE-2005-0699

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

5.1 2005-03-07 CVE-2005-0667

Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.

5 2005-01-27 CVE-2004-0930

The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.

10 2005-01-27 CVE-2004-0903

Stack-based buffer overflow in the writeGroup function in nsVCardObj.cpp for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to execute arbitrary code via malformed VCard attachments that are not properly handled when previewing a message.

10 2005-01-27 CVE-2004-0902

Multiple heap-based buffer overflows in Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via (1) the "Send page" functionality, (2) certain responses from a malicious POP3 server, or (3) a link containing a non-ASCII hostname.

10 2005-01-27 CVE-2004-0889

Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.

CWE : Common Weakness Enumeration

%idName
40% (2) CWE-399 Resource Management Errors
40% (2) CWE-189 Numeric Errors
20% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
73493 libpng pngerror.c png_format_buffer() Off-by-one PNG Image Handling Remote DoS
44330 CUPS on Red Hat 64-bit pdftops Crafted PDF File Handling Overflow
34918 X.Org X11 libXfont bdfReadCharacters Function BDF Font Handling Overflow
34917 FreeType bdfReadCharacters Function BDF Font Handling Overflow
22509 IGMP Spoofed Membership Report DoS
22235 Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS
22234 Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS
22233 Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function...
17302 Red Hat sysreport up2date Proxy Password Cleartext Disclosure
16894 Xpdf Integer Overflow Patch 64 Bit Architecture Failure
16088 NASM ieee_putascii() Function ASM File Overflow
15487 gzip Race Condition Arbitrary File Permission Modification
14612 Ethereal 3GPP2 A11 Dissector dissect_a11_radius() Function Overflow
14570 Sylpheed Message Header Processing Overflow
13149 Xpdf Multiple Unspecified Remote Overflows
12911 Midnight Commander Unspecified Underflow DoS
12910 Midnight Commander Insecure Filename Quoting Arbitrary Command Execution
12909 Midnight Commander Nonexistent File Descriptor Handling DoS
12908 Midnight Commander Unspecified Freed Memory DoS
12907 Midnight Commander Unspecified Unallocated Memory Issue
12906 Midnight Commander Unspecified Null Dereference DoS
12905 Midnight Commander Corrupted Selection Header DoS
12904 Midnight Commander Unspecified Infinite Loop DoS
12903 Midnight Commander Multiple Unspecified Overflows
12902 Midnight Commander Multiple Unspecified Format Strings

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-09-10 Name : Slackware Advisory SSA:2011-210-01 libpng
File : nvt/esoft_slk_ssa_2011_210_01.nasl
2012-07-09 Name : RedHat Update for libpng RHSA-2011:1105-01
File : nvt/gb_RHSA-2011_1105-01_libpng.nasl
2012-04-11 Name : Fedora Update for libpng10 FEDORA-2012-5079
File : nvt/gb_fedora_2012_5079_libpng10_fc15.nasl
2012-04-02 Name : Fedora Update for libpng10 FEDORA-2012-3536
File : nvt/gb_fedora_2012_3536_libpng10_fc15.nasl
2012-03-07 Name : Fedora Update for libpng10 FEDORA-2012-2008
File : nvt/gb_fedora_2012_2008_libpng10_fc15.nasl
2011-10-21 Name : Mandriva Update for libpng MDVSA-2011:151 (libpng)
File : nvt/gb_mandriva_MDVSA_2011_151.nasl
2011-08-02 Name : Fedora Update for libpng FEDORA-2011-9336
File : nvt/gb_fedora_2011_9336_libpng_fc14.nasl
2011-07-27 Name : Fedora Update for libpng10 FEDORA-2011-8844
File : nvt/gb_fedora_2011_8844_libpng10_fc15.nasl
2011-07-27 Name : Fedora Update for libpng10 FEDORA-2011-8867
File : nvt/gb_fedora_2011_8867_libpng10_fc14.nasl
2011-07-22 Name : Fedora Update for libpng FEDORA-2011-9343
File : nvt/gb_fedora_2011_9343_libpng_fc15.nasl
2011-07-18 Name : Fedora Update for mingw32-libpng FEDORA-2011-8868
File : nvt/gb_fedora_2011_8868_mingw32-libpng_fc14.nasl
2011-07-18 Name : Fedora Update for mingw32-libpng FEDORA-2011-8874
File : nvt/gb_fedora_2011_8874_mingw32-libpng_fc15.nasl
2010-05-12 Name : Mac OS X Security Update 2009-001
File : nvt/macosx_secupd_2009-001.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-10 Name : SLES9: Security update for Linux kernel
File : nvt/sles9p5010817.nasl
2009-10-10 Name : SLES9: Security update for ethereal
File : nvt/sles9p5010966.nasl
2009-10-10 Name : SLES9: Security update for Midnight Commander
File : nvt/sles9p5011441.nasl
2009-10-10 Name : SLES9: Security update for kdelibs3
File : nvt/sles9p5011912.nasl
2009-10-10 Name : SLES9: Security update for Mozilla
File : nvt/sles9p5012017.nasl
2009-10-10 Name : SLES9: Security update for freetype2
File : nvt/sles9p5013340.nasl
2009-10-10 Name : SLES9: Security update for gnome-vfs2,gnome-vfs2-doc
File : nvt/sles9p5014116.nasl
2009-10-10 Name : SLES9: Security update for imlib
File : nvt/sles9p5014360.nasl
2009-10-10 Name : SLES9: Security update for CUPS
File : nvt/sles9p5014529.nasl
2009-10-10 Name : SLES9: Security update for gnome-vfs
File : nvt/sles9p5014621.nasl
2009-10-10 Name : SLES9: Security update for samba
File : nvt/sles9p5015059.nasl

Snort® IPS/IDS

Date Description
2018-01-17 Mozilla Firefox buffer overflow attempt
RuleID : 45172 - Type : BROWSER-FIREFOX - Revision : 1
2018-01-17 Mozilla Firefox buffer overflow attempt
RuleID : 45171 - Type : BROWSER-FIREFOX - Revision : 1
2014-01-10 Microsoft Windows Bitmap width integer overflow multipacket attempt
RuleID : 3634 - Type : WEB-CLIENT - Revision : 9
2014-01-10 Microsoft Windows Bitmap width integer overflow attempt
RuleID : 3632 - Type : FILE-IMAGE - Revision : 25
2015-10-01 Microsoft Windows Bitmap width integer overflow attempt
RuleID : 35848 - Type : FILE-IMAGE - Revision : 3
2014-01-10 RADIUS ATTR_TYPE_STR overflow attempt
RuleID : 3541 - Type : SERVER-OTHER - Revision : 7
2014-01-10 RADIUS registration vendor ATTR_TYPE_STR overflow attempt
RuleID : 3540 - Type : SERVER-OTHER - Revision : 7
2014-01-10 RADIUS MSID overflow attempt
RuleID : 3539 - Type : SERVER-OTHER - Revision : 7
2014-01-10 RADIUS registration MSID overflow attempt
RuleID : 3538 - Type : SERVER-OTHER - Revision : 7
2014-01-10 SMB client TRANS response ring0 remote code execution attempt
RuleID : 16531 - Type : NETBIOS - Revision : 11
2014-01-10 Samba unicode filename buffer overflow attempt
RuleID : 15986 - Type : SERVER-SAMBA - Revision : 8
2014-01-10 Samba wildcard filename matching denial of service attempt
RuleID : 15581 - Type : SERVER-SAMBA - Revision : 5

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0125.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0126.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0132.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2007-0150.nasl - Type: ACT_GATHER_INFO
2013-07-12 Name: The remote Oracle Linux host is missing one or more security updates.
File: oraclelinux_ELSA-2008-0206.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-041.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-042.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing a security update.
File: mandrake_MDKSA-2005-043.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-044.nasl - Type: ACT_GATHER_INFO
2012-09-06 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-056.nasl - Type: ACT_GATHER_INFO
2012-08-01 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20080401_cups_on_SL3_x.nasl - Type: ACT_GATHER_INFO
2011-10-18 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2011-151.nasl - Type: ACT_GATHER_INFO
2011-08-01 Name: The remote Fedora host is missing a security update.
File: fedora_2011-9336.nasl - Type: ACT_GATHER_INFO
2011-07-25 Name: The remote Fedora host is missing a security update.
File: fedora_2011-8844.nasl - Type: ACT_GATHER_INFO
2011-07-25 Name: The remote Fedora host is missing a security update.
File: fedora_2011-8867.nasl - Type: ACT_GATHER_INFO
2011-07-19 Name: The remote Fedora host is missing a security update.
File: fedora_2011-9343.nasl - Type: ACT_GATHER_INFO
2011-07-18 Name: The remote Fedora host is missing a security update.
File: fedora_2011-8868.nasl - Type: ACT_GATHER_INFO
2011-07-18 Name: The remote Fedora host is missing a security update.
File: fedora_2011-8874.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_10009.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_10010.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 9 host is missing a security-related patch.
File: suse9_9797.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_00644f03fb5811d89837000c41e2cdad.nasl - Type: ACT_GATHER_INFO
2009-04-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_3897a2f81d5711d9bc4a000c41e2cdad.nasl - Type: ACT_GATHER_INFO