This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Slackware First view 2005-12-31
Product Slackware Linux Last view 2007-02-07
Version 10.2 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:slackware:slackware_linux

Activity : Overall

Related : CVE

  Date Alert Description
1.9 2007-02-07 CVE-2007-0823

xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read other users' files, or obtain other sensitive information, by reading the xterm process memory. NOTE: it could be argued that this is an expected consequence of multiple users sharing the same interactive process, in which case this is not a vulnerability.

5 2005-12-31 CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

10 2005-12-31 CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

5 2005-12-31 CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

CWE : Common Weakness Enumeration

%idName
66% (2) CWE-399 Resource Management Errors
33% (1) CWE-189 Numeric Errors

Open Source Vulnerability Database (OSVDB)

id Description
33651 Linux xterm Process Memory Information Disclosure
22235 Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS
22234 Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS
22233 Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function...

OpenVAS Exploits

id Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-02 (kdegraphics, kpdf, koffice, kword)
File : nvt/glsa_200601_02.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdfto...
File : nvt/glsa_200601_17.nasl
2008-01-17 Name : Debian Security Advisory DSA 931-1 (xpdf)
File : nvt/deb_931_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 932-1 (xpdf)
File : nvt/deb_932_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 936-1 (libextractor)
File : nvt/deb_936_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 937-1 (tetex-bin)
File : nvt/deb_937_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 938-1 (koffice)
File : nvt/deb_938_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 940-1 (gpdf)
File : nvt/deb_940_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 950-1 (cupsys)
File : nvt/deb_950_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 961-1 (pdfkit.framework)
File : nvt/deb_961_1.nasl
2008-01-17 Name : Debian Security Advisory DSA 962-1 (pdftohtml)
File : nvt/deb_962_1.nasl
0000-00-00 Name : Slackware Advisory SSA:2006-045-04 kdegraphics
File : nvt/esoft_slk_ssa_2006_045_04.nasl
0000-00-00 Name : Slackware Advisory SSA:2006-045-09 xpdf
File : nvt/esoft_slk_ssa_2006_045_09.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO
2012-09-24 Name: The remote Fedora Core host is missing a security update.
File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-931.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-932.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-936.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-937.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-938.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-940.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-950.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-961.nasl - Type: ACT_GATHER_INFO
2006-10-14 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-962.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2005-868.nasl - Type: ACT_GATHER_INFO
2006-07-05 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2006-0177.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2005-840.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2006-0160.nasl - Type: ACT_GATHER_INFO
2006-07-03 Name: The remote CentOS host is missing one or more security updates.
File: centos_RHSA-2006-0163.nasl - Type: ACT_GATHER_INFO
2006-02-15 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2006-045-09.nasl - Type: ACT_GATHER_INFO
2006-02-15 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2006-045-04.nasl - Type: ACT_GATHER_INFO
2006-02-01 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200601-17.nasl - Type: ACT_GATHER_INFO
2006-01-21 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-236-2.nasl - Type: ACT_GATHER_INFO
2006-01-21 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-236-1.nasl - Type: ACT_GATHER_INFO
2006-01-20 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2006-0160.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2006-010.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Red Hat host is missing a security update.
File: redhat-RHSA-2006-0177.nasl - Type: ACT_GATHER_INFO
2006-01-15 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2006-0163.nasl - Type: ACT_GATHER_INFO