| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow. |
| Directory traversal vulnerability in the Java Archive Tool (Jar) utility in J2SE SDK 1.4.2 and 1.5, and OpenJDK, allows remote attackers to create or overwrite arbitrary files via a .. (dot dot) in filenames in a .jar file. |
| Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. |
| The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. |
| Denial of service in Linux syslogd via a large number of connections. |
| The dynamic linker in Solaris allows a local user to create arbitrary files via the LD_PROFILE environmental variable and a symlink attack. |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. |
| Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. |
| Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name. |
| 64 bit Solaris 7 procfs allows local users to perform a denial of service. |
| NFS cache poisoning. |
| The default configuration of the web server for the Solaris Management Console (SMC) in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers. |
| The Sun sdtcm_convert calendar utility for OpenWindows has a buffer overflow which can gain root access. |
| Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). |
| Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable. |
| Solaris volrmmount program allows attackers to read any file. |
| Solaris sysdef command allows local users to read kernel memory, potentially leading to root privileges. |
| The WorkMan program can be used to overwrite any file to get root access. |
