Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.
Max CVSS
5.0
EPSS Score
0.52%
Published
2005-12-31
Updated
2018-10-19
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.
Max CVSS
5.0
EPSS Score
1.28%
Published
2005-12-31
Updated
2018-10-19
Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses.
Max CVSS
5.6
EPSS Score
0.08%
Published
2005-03-05
Updated
2018-10-16
The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.
Max CVSS
5.0
EPSS Score
0.84%
Published
2005-01-11
Updated
2008-09-05
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.
Max CVSS
5.0
EPSS Score
0.25%
Published
2004-11-23
Updated
2024-02-15
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Max CVSS
5.0
EPSS Score
0.26%
Published
2004-11-23
Updated
2021-11-08
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
Max CVSS
5.0
EPSS Score
0.34%
Published
2003-10-20
Updated
2022-08-17
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
Max CVSS
5.0
EPSS Score
0.43%
Published
2002-10-28
Updated
2018-10-30
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.16%
Published
2001-12-31
Updated
2008-09-05
Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO.
Max CVSS
5.0
EPSS Score
1.26%
Published
2001-11-30
Updated
2017-10-10
The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Max CVSS
5.0
EPSS Score
0.38%
Published
2000-11-14
Updated
2008-09-05
Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.22%
Published
2001-03-12
Updated
2008-09-05
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
Max CVSS
5.0
EPSS Score
0.22%
Published
2001-03-12
Updated
2008-09-05
Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.21%
Published
2000-03-10
Updated
2008-09-10
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems.
Max CVSS
5.0
EPSS Score
0.85%
Published
1997-01-01
Updated
2022-08-17
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke.
Max CVSS
5.0
EPSS Score
0.30%
Published
1997-07-01
Updated
2008-09-09
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death.
Max CVSS
5.0
EPSS Score
1.15%
Published
1996-12-18
Updated
2022-08-17
Sendmail decode alias can be used to overwrite sensitive files.
Max CVSS
5.0
EPSS Score
1.17%
Published
1996-12-10
Updated
2008-09-09
DNS cache poisoning via BIND, by predictable query IDs.
Max CVSS
5.0
EPSS Score
0.75%
Published
1997-08-13
Updated
2022-08-17
Delete or create a file via rpc.statd, due to invalid information.
Max CVSS
5.0
EPSS Score
0.75%
Published
1996-04-24
Updated
2008-09-09
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages.
Max CVSS
5.0
EPSS Score
0.29%
Published
1998-04-08
Updated
2018-10-30
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook.
Max CVSS
5.0
EPSS Score
0.92%
Published
1997-12-16
Updated
2018-10-12
22 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!