| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| envd daemon in HP-UX B.11.00 through B.11.11 allows local users to obtain privileges via unknown attack vectors. |
| Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable. |
| Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges. |
| Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. |
| Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges. |
| Multiple unspecified vulnerabilities in Oracle for OpenView (OfO) 8.1.7, 9.1.01, and 9.2, and OfO for Linux, allow remote attackers to have an unknown impact via unknown attack vectors. NOTE: because of the lack of details in the vendor advisory, it is unclear which set of existing CVEs this advisory might refer to. |
| Buffer overflows in HP Software Distributor (SD) for HPUX 10.x and 11.x. |
| The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. |
| Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems. |
| HP CDE program includes the current directory in root's PATH variable. |
| Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files. |
| HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100. |
| Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote attackers to "take over packets destined for another host" and cause a denial of service. |
| The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges. |
| Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver. |
| Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window. |
| Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. |
| stmkfont in HP-UX B.11.00 through B.11.23 relies on the user-specified PATH when executing certain commands, which allows local users to execute arbitrary code by modifying the PATH environment variable to point to malicious programs. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webproxy to forward requests to the internal network via crafted HTTP requests. |
