Product

Debian Linux 4.0 Arm


View All Versions

Vulnerability History

Weakness Analysis

Related Vulnerabilities

more
Vulnerability Severity Score Release Date Summary
CVE-2007-6284 5.0 Jan. 11, 2008

The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.

CVE-2007-3919 6.0 Oct. 28, 2007

(1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm.

CVE-2007-5116 7.5 Nov. 7, 2007

Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.

CVE-2007-5197 7.5 Nov. 2, 2007

Buffer overflow in the Mono.Math.BigInteger class in Mono 1.2.5.1 and earlier allows context-dependent attackers to execute arbitrary code via unspecified vectors related to Reduce in Montgomery-based Pow methods.

CVE-2007-5718 4.9 Oct. 30, 2007

vobcopy 0.5.14 allows local users to append data to an arbitrary file, or create an arbitrary new file, via a symlink attack on the (1) /tmp/vobcopy.bla or (2) /tmp/vobcopy_0.5.14.log temporary file.

CVE-2008-0167 4.6 May 18, 2008

The write_array_file function in utils/include.pl in GForge 4.5.14 updates configuration files by truncating them to zero length and then writing new data, which might allow attackers to bypass intended access restrictions or have unspecified other impact in opportunistic circumstances.

CVE-2008-0411 6.8 Feb. 28, 2008

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.

CVE-2008-0411 6.8 Feb. 28, 2008

Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.

CVE-2008-0932 7.5 Feb. 25, 2008

diatheke.pl in The SWORD Project Diatheke 1.5.9 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the range parameter.

CVE-2008-1569 3.3 March 31, 2008

policyd-weight 0.1.14 beta-16 and earlier allows local users to modify or delete arbitrary files via a symlink attack on temporary files that are used when creating a socket.

Followers