Summary
Detail | |||
---|---|---|---|
Vendor | Ubuntu | First view | 2005-12-31 |
Product | Ubuntu Linux | Last view | 2007-04-05 |
Version | 5.10 | Type | Os |
Update | * | ||
Edition | i386 | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:o:ubuntu:ubuntu_linux |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
8.5 | 2007-04-05 | CVE-2007-1351 | Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow. |
7.8 | 2007-02-23 | CVE-2006-5877 | The enigmail extension before 0.94.2 does not properly handle large, encrypted file e-mail attachments, which allows remote attackers to cause a denial of service (crash), as demonstrated with Mozilla Thunderbird. |
7.2 | 2006-07-06 | CVE-2006-3378 | passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits. |
7.2 | 2006-01-09 | CVE-2006-0151 | sudo 1.6.8 and other versions does not clear the PYTHONINSPECT environment variable, which allows limited local users to gain privileges via a Python script, a variant of CVE-2005-4158. |
5 | 2005-12-31 | CVE-2005-3626 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. |
10 | 2005-12-31 | CVE-2005-3625 | Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." |
5 | 2005-12-31 | CVE-2005-3624 | The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
50% (2) | CWE-399 | Resource Management Errors |
50% (2) | CWE-189 | Numeric Errors |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
45258 | enigmail Extension Encrypted File Attachment Handling DoS |
34918 | X.Org X11 libXfont bdfReadCharacters Function BDF Font Handling Overflow |
34917 | FreeType bdfReadCharacters Function BDF Font Handling Overflow |
26995 | shadow setuid Failure Local Privilege Escalation |
22235 | Multiple Products Xpdf/kpdf Crafted FlateDecode Stream NULL Dereference DoS |
22234 | Multiple Products Xpdf/kpdf Crafted CCITTFaxDecode / DCTDecode Stream DoS |
22233 | Multiple Products Xpdf/kpdf Stream.cc CCITTFaxStream::CCITTFaxStream Function... |
20764 | Sudo PERL5OPT Environment Cleaning Multiple Variable Privilege Escalation |
OpenVAS Exploits
id | Description |
---|---|
2010-05-12 | Name : Mac OS X Security Update 2009-001 File : nvt/macosx_secupd_2009-001.nasl |
2009-10-10 | Name : SLES9: Security update for some XFree86 modules File : nvt/sles9p5021116.nasl |
2009-10-10 | Name : SLES9: Security update for freetype2 File : nvt/sles9p5013340.nasl |
2009-04-09 | Name : Mandriva Update for xorg-x11 MDKSA-2007:079 (xorg-x11) File : nvt/gb_mandriva_MDKSA_2007_079.nasl |
2009-04-09 | Name : Mandriva Update for freetype2 MDKSA-2007:081-1 (freetype2) File : nvt/gb_mandriva_MDKSA_2007_081_1.nasl |
2009-04-09 | Name : Mandriva Update for freetype2 MDKSA-2007:081 (freetype2) File : nvt/gb_mandriva_MDKSA_2007_081.nasl |
2009-04-09 | Name : Mandriva Update for tightvnc MDKSA-2007:080-1 (tightvnc) File : nvt/gb_mandriva_MDKSA_2007_080_1.nasl |
2009-04-09 | Name : Mandriva Update for tightvnc MDKSA-2007:080 (tightvnc) File : nvt/gb_mandriva_MDKSA_2007_080.nasl |
2009-04-09 | Name : Mandriva Update for xorg-x11 MDKSA-2007:079-1 (xorg-x11) File : nvt/gb_mandriva_MDKSA_2007_079_1.nasl |
2009-03-23 | Name : Ubuntu Update for freetype, libxfont, xorg, xorg-server vulnerabilities USN-... File : nvt/gb_ubuntu_USN_448_1.nasl |
2009-03-23 | Name : Ubuntu Update for enigmail vulnerability USN-427-1 File : nvt/gb_ubuntu_USN_427_1.nasl |
2009-01-28 | Name : SuSE Update for XFree86, Xorg SUSE-SA:2007:027 File : nvt/gb_suse_2007_027.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-07 (ltsp) File : nvt/glsa_200805_07.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200705-10 (tightvnc, libxfont) File : nvt/glsa_200705_10.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200705-02 (freetype) File : nvt/glsa_200705_02.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200601-17 (xpdf poppler gpdf libextractor pdfto... File : nvt/glsa_200601_17.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200601-02 (kdegraphics, kpdf, koffice, kword) File : nvt/glsa_200601_02.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 937-1 (tetex-bin) File : nvt/deb_937_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 931-1 (xpdf) File : nvt/deb_931_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 932-1 (xpdf) File : nvt/deb_932_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 936-1 (libextractor) File : nvt/deb_936_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 950-1 (cupsys) File : nvt/deb_950_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 938-1 (koffice) File : nvt/deb_938_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 940-1 (gpdf) File : nvt/deb_940_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 946-1 (sudo) File : nvt/deb_946_1.nasl |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2007-0150.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2007-0132.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2007-0125.nasl - Type: ACT_GATHER_INFO |
2013-07-12 | Name: The remote Oracle Linux host is missing one or more security updates. File: oraclelinux_ELSA-2007-0126.nasl - Type: ACT_GATHER_INFO |
2012-09-24 | Name: The remote Fedora Core host is missing a security update. File: fedora_2006-010.nasl - Type: ACT_GATHER_INFO |
2012-09-24 | Name: The remote Fedora Core host is missing a security update. File: fedora_2006-011.nasl - Type: ACT_GATHER_INFO |
2009-02-13 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_SecUpd2009-001.nasl - Type: ACT_GATHER_INFO |
2008-01-08 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-1454.nasl - Type: ACT_GATHER_INFO |
2007-12-13 | Name: The remote SuSE 10 host is missing a security-related patch. File: suse_xorg-x11-server-3083.nasl - Type: ACT_GATHER_INFO |
2007-12-13 | Name: The remote SuSE 10 host is missing a security-related patch. File: suse_freetype2-3067.nasl - Type: ACT_GATHER_INFO |
2007-11-10 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-448-1.nasl - Type: ACT_GATHER_INFO |
2007-11-10 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-308-1.nasl - Type: ACT_GATHER_INFO |
2007-11-10 | Name: The remote Ubuntu host is missing a security-related patch. File: ubuntu_USN-427-1.nasl - Type: ACT_GATHER_INFO |
2007-10-17 | Name: The remote openSUSE host is missing a security update. File: suse_freetype2-3066.nasl - Type: ACT_GATHER_INFO |
2007-10-17 | Name: The remote openSUSE host is missing a security update. File: suse_xorg-x11-server-3082.nasl - Type: ACT_GATHER_INFO |
2007-05-25 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2007-0132.nasl - Type: ACT_GATHER_INFO |
2007-05-20 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-1294.nasl - Type: ACT_GATHER_INFO |
2007-05-10 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200705-10.nasl - Type: ACT_GATHER_INFO |
2007-05-02 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-200705-02.nasl - Type: ACT_GATHER_INFO |
2007-04-30 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2007-109-01.nasl - Type: ACT_GATHER_INFO |
2007-04-19 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2007-0150.nasl - Type: ACT_GATHER_INFO |
2007-04-19 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2007-0150.nasl - Type: ACT_GATHER_INFO |
2007-04-10 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2007-0126.nasl - Type: ACT_GATHER_INFO |
2007-04-05 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2007-0126.nasl - Type: ACT_GATHER_INFO |
2007-04-05 | Name: The remote Mandrake Linux host is missing one or more security updates. File: mandrake_MDKSA-2007-079.nasl - Type: ACT_GATHER_INFO |