reprepro 1.3.0 through 2.2.3 does not properly verify signatures when updating repositories, which allows remote attackers to construct and distribute an ostensibly valid Release.gpg file by signing it with an unknown key, related to the update command.
Max CVSS
5.0
EPSS Score
1.00%
Published
2007-09-06
Updated
2009-02-05
Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996.
Max CVSS
7.5
EPSS Score
1.63%
Published
2007-09-04
Updated
2018-10-26
Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
Max CVSS
7.5
EPSS Score
0.63%
Published
2007-09-05
Updated
2021-05-17
The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certain arguments, as demonstrated by a 'chr(0), 0, ""' argument set.
Max CVSS
5.0
EPSS Score
1.76%
Published
2007-09-04
Updated
2018-10-26
checkrestart in debian-goodies before 0.34 allows local users to gain privileges via shell metacharacters in the name of the executable file for a running process.
Max CVSS
7.2
EPSS Score
0.04%
Published
2007-09-10
Updated
2017-07-29
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
94.53%
Published
2007-09-18
Updated
2022-02-07
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!