OVALdb logo

Professional OVAL Repository

Skip Navigation LinksOVAL > OVAL Definitions

Search Conditions:  Platform: Red Hat Enterprise Linux 3

Page 1 of 52 (2052 items)Prev1234567505152Next
OVALid 
Version 
Title 
Class 
Open filter row popup menu
Open filter row popup menu
Open filter row popup menu
xv
oval:org.mitre.oval:def:9874Ethereal SPNEGO Dissector Vulnerabilityvulnerability
oval:org.mitre.oval:def:97037CVS pserver BOvulnerability
oval:org.mitre.oval:def:94739KAME IKE Daemon Improper Hash Value Handlingvulnerability
oval:org.mitre.oval:def:94140Red Hat Enterprise 3 Squid ACL Bypass Vulnerabilityvulnerability
oval:org.mitre.oval:def:94037Linux Kernel ISO9660 File System Component BOvulnerability
oval:org.mitre.oval:def:93936Linux Kernel ip_setsockopt Integer Overflowvulnerability
oval:org.mitre.oval:def:88737Multiple BO Vulnerabilities in Red Hat Enterprise 3 Etherealvulnerability
oval:org.mitre.oval:def:86940Net-SNMP MIB Information Disclosure Vulnerabilityvulnerability
oval:org.mitre.oval:def:86835Linux Kernel eflags Checking Privilege Escalation Vulnerabilityvulnerability
oval:org.mitre.oval:def:86536Red Hat Enterprise 3 kdepim VCF File Information Reader BOvulnerability
oval:org.mitre.oval:def:85438RHE3 tcpdump DoS via ISAKMP Packets IIvulnerability
oval:org.mitre.oval:def:84537Red Hat Enterprise 3 gdk-pixbuf Denial of Servicevulnerability
oval:org.mitre.oval:def:8174RHE3 Firefox and Mozilla Shared Object Code Executionvulnerability
oval:org.mitre.oval:def:7424RHE3 Improper Handling of Synthetic Events in Mozillavulnerability
oval:org.mitre.oval:def:6473mikmod Long Filename Buffer Overflowvulnerability
oval:org.mitre.oval:def:3454shtool Race Conditionvulnerability
oval:org.mitre.oval:def:1645Trustix Secure Linux der_chop Script Symlink Attack Vulnerabilityvulnerability
oval:org.mitre.oval:def:11694gzip Hard Link Attackvulnerability
oval:org.mitre.oval:def:11544bzip2 Arbitrary File Permission Modification Vulnerabilityvulnerability
oval:org.mitre.oval:def:106536Multiple Format String Vulnerabilities in neon and Dependent Productsvulnerability
oval:org.mitre.oval:def:10067SquirrelMail Cross-site Scripting Vulnerability Ivulnerability
oval:org.mitre.oval:def:553739The operating system installed on the system is Red Hat Enterprise Linux 3 for x86inventory
oval:org.mitre.oval:def:999624Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.vulnerability
oval:org.mitre.oval:def:997623Squid 2.5 STABLE9 and earlier, when the DNS client port is unfiltered and the environment does not prevent IP spoofing, allows remote attackers to spoof DNS lookups.vulnerability
oval:org.mitre.oval:def:997023Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (assert error) via an invalid protocol tree item length.vulnerability
oval:org.mitre.oval:def:996724Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.vulnerability
oval:org.mitre.oval:def:996424Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.vulnerability
oval:org.mitre.oval:def:995024Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmousedown action that calls window.moveBy, a variant of CVE-2003-0823.vulnerability
oval:org.mitre.oval:def:994723PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow the "\" (backslash) byte 0x5c to be the trailing byte of a multibyte character, such as SJIS, BIG5, GBK, GB18030, and UHC, which cannot be handled correctly by a client that does not understand multibyte encodings, aka a second variant of "Encoding-Based SQL Injection." NOTE: it could be argued that this is a class of issue related to interaction errors between the client and PostgreSQL, but a CVE has been assigned since PostgreSQL is treating this as a preventative measure against this class of problem.vulnerability
oval:org.mitre.oval:def:994424smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.vulnerability
oval:org.mitre.oval:def:993324Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function.vulnerability
oval:org.mitre.oval:def:992624The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.vulnerability
oval:org.mitre.oval:def:992323Directory traversal vulnerability in gftp before 2.0.18 for GTK+ allows remote malicious FTP servers to read arbitrary files via .. (dot dot) sequences in filenames returned from a LIST command.vulnerability
oval:org.mitre.oval:def:990824Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR file.vulnerability
oval:org.mitre.oval:def:990223Heap-based buffer overflow in the Key Distribution Center (KDC) in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to cause a denial of service (apllication crash) and possibly execute arbitrary code via a certain valid TCP or UDP request.vulnerability
oval:org.mitre.oval:def:989023Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call.vulnerability
oval:org.mitre.oval:def:988424browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked popup originating from a javascript: URI in combination with multiple frames having the same data: URI.vulnerability
oval:org.mitre.oval:def:988123Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.vulnerability
oval:org.mitre.oval:def:987023Integer overflow in sys_epoll_wait in eventpoll.c for Linux kernel 2.6 to 2.6.11 allows local users to overwrite kernel memory via a large number of events.vulnerability
oval:org.mitre.oval:def:986723Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.vulnerability
Page 1 of 52 (2052 items)Prev1234567505152Next

company ALTEX-SOFT 2008-2019, © ZAO ALTEX-SOFT , ovaldb@altx-soft.com

OVAL and the OVAL logo are registered trademarks of The MITRE Corporation. Other names may be trademarks of their respective owners.