The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file.
Max CVSS
2.1
EPSS Score
0.09%
Published
2005-04-14
Updated
2017-10-11
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.
Max CVSS
7.5
EPSS Score
4.81%
Published
2004-12-21
Updated
2018-10-30
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Max CVSS
6.2
EPSS Score
0.04%
Published
2005-04-14
Updated
2017-10-11
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
Max CVSS
7.5
EPSS Score
0.26%
Published
2004-02-03
Updated
2018-10-30
4 vulnerabilities found