CVE List

Id CVE No. Status Description Phase Votes Comments Actions
4072  CVE-2001-1268  Candidate  Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.  Modified (20100521)  ACCEPT(3) Cole, Cox, Green | MODIFY(1) Frech | NOOP(3) Christey, Foat, Wall  CHANGE> [Cox changed vote from REVIEWING to ACCEPT] | Christey> MANDRAKE:MDKSA-2002:065 | Frech> XF:archive-extraction-directory-traversal(10224) | Christey> CONECTIVA:CLA-2002:538 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000538 | HP:HPSBTL0209-068 | URL:http://online.securityfocus.com/advisories/4514 | REDHAT:RHSA-2002:096 | URL:http://www.redhat.com/support/errata/RHSA-2002-096.html  View
4073  CVE-2001-1269  Candidate  Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the "/" (slash) character.  Modified (20100521)  ACCEPT(3) Cole, Cox, Green | MODIFY(1) Frech | NOOP(3) Christey, Foat, Wall  CHANGE> [Cox changed vote from REVIEWING to ACCEPT] | Christey> MANDRAKE:MDKSA-2002:065 | Frech> XF:archive-extraction-directory-traversal(10224) | Christey> CONECTIVA:CLA-2002:538 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000538 | REDHAT:RHSA-2002:096 | URL:http://www.redhat.com/support/errata/RHSA-2002-096.html  View
8483  CVE-2004-0055  Candidate  The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.  Modified (20100819)  ACCEPT(6) Armstrong, Baker, Cole, Cox, Wall, Williams | NOOP(1) Christey  Cox> ADDREF: REDHAT:RHSA-2004:007 | Williams> http://cvs.tcpdump.org/cgi-bin/cvsweb/tcpdump/print-isakmp.c | Christey> SCO:SCOSA-2004.9 | URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt  View
8485  CVE-2004-0057  Candidate  The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989.  Modified (20100819)  ACCEPT(6) Armstrong, Baker, Cole, Cox, Green, Wall | NOOP(1) Christey  Christey> SCO:SCOSA-2004.9 | URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.9/SCOSA-2004.9.txt  View
8511  CVE-2004-0083  Candidate  Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106.  Modified (20100819)  ACCEPT(5) Armstrong, Baker, Cole, Cox, Wall | NOOP(1) Christey  Christey> CIAC:O-081 | URL:http://www.ciac.org/ciac/bulletins/o-081.shtml | IMMUNIX:IMNX-2004-73-002-01 | URL:http://www.securityfocus.com/advisories/6328 | BID:9636 | URL:http://www.securityfocus.com/bid/9636 | Christey> Normalize Gentoo reference | Christey> SCO:SCOSA-2004.2 | URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.2/SCOSA-2004.2.txt | SCO:SCOSA-2004.3 | URL:ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.3/SCOSA-2004.3.txt  View

Page 20511 of 20943, showing 5 records out of 104715 total, starting on record 102551, ending on 102555

Actions