Redhat Linux Advanced Workstation vulnerabilities
65 known vulnerabilities affecting redhat/linux_advanced_workstation.
Total CVEs
65
CISA KEV
0
Public exploits
7
Exploited in wild
0
Severity breakdown
CRITICAL8HIGH21MEDIUM32LOW4
Vulnerabilities
Page 3 of 4
CVE-2004-1073LOWCVSS 2.1PoCv2.12005-01-10
CVE-2004-1073 [LOW] CVE-2004-1073: The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
nvd
CVE-2004-0904CRITICALCVSS 10.0v2.12004-12-31
CVE-2004-0904 [CRITICAL] CVE-2004-0904: Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overflows.
nvd
CVE-2004-0817HIGHCVSS 7.5v2.12004-12-31
CVE-2004-0817 [HIGH] CVE-2004-0817: Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execut
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
nvd
CVE-2004-0802MEDIUMCVSS 5.1v2.12004-12-31
CVE-2004-0802 [MEDIUM] CVE-2004-0802: Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrar
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
nvd
CVE-2004-0803HIGHCVSS 7.5v2.12004-12-23
CVE-2004-0803 [HIGH] CVE-2004-0803: Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, re
Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.
nvd
CVE-2004-1145MEDIUMCVSS 5.0v2.12004-12-15
CVE-2004-1145 [MEDIUM] CVE-2004-1145: Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java c
Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.
nvd
CVE-2004-1142MEDIUMCVSS 5.0v2.12004-12-15
CVE-2004-1142 [MEDIUM] CVE-2004-1142: Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption)
Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.
nvd
CVE-2004-1139MEDIUMCVSS 5.0v2.12004-12-15
CVE-2004-1139 [MEDIUM] CVE-2004-1139: Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attacke
Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).
nvd
CVE-2004-0634MEDIUMCVSS 5.0v2.12004-12-06
CVE-2004-0634 [MEDIUM] CVE-2004-0634: The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a deni
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
nvd
CVE-2004-0633MEDIUMCVSS 5.0PoCv2.12004-12-06
CVE-2004-0633 [MEDIUM] CVE-2004-0633: The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of s
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
nvd
CVE-2004-0635MEDIUMCVSS 5.0v2.12004-12-06
CVE-2004-0635 [MEDIUM] CVE-2004-0635: The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of se
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
nvd
CVE-2004-0494HIGHCVSS 7.5v2.12004-11-23
CVE-2004-0494 [HIGH] CVE-2004-0494: Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote att
Multiple extfs backend scripts for GNOME virtual file system (VFS) before 1.0.1 may allow remote attackers to perform certain unauthorized actions via a gnome-vfs URI.
nvd
CVE-2004-1613MEDIUMCVSS 5.0v2.12004-10-18
CVE-2004-1613 [MEDIUM] CVE-2004-1613: Mozilla allows remote attackers to cause a denial of service (application crash from null dereferenc
Mozilla allows remote attackers to cause a denial of service (application crash from null dereference or infinite loop) via a web page that contains a (1) TEXTAREA, (2) INPUT, (3) FRAMESET or (4) IMG tag followed by a null character and some trailing characters, as demonstrated by mangleme.
nvd
CVE-2004-0827HIGHCVSS 7.5v2.12004-09-16
CVE-2004-0827 [HIGH] CVE-2004-0827: Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3) DIB files.
nvd
CVE-2004-0905MEDIUMCVSS 4.6v2.12004-09-14
CVE-2004-0905 [MEDIUM] CVE-2004-0905: Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows
Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allows remote attackers to perform cross-domain scripting and possibly execute arbitrary code by convincing a user to drag and drop javascript: links to a frame or page in another domain.
nvd
CVE-2004-0111MEDIUMCVSS 5.0v2.12004-04-15
CVE-2004-0111 [MEDIUM] CVE-2004-0111: gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
nvd
CVE-2004-0105HIGHCVSS 7.5v2.12004-03-03
CVE-2004-0105 [HIGH] CVE-2004-0105: Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary co
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
nvd
CVE-2004-0104HIGHCVSS 7.5PoCv2.12004-03-03
CVE-2004-0104 [HIGH] CVE-2004-0104: Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
nvd
CVE-2003-0859MEDIUMCVSS 4.9v2.12003-12-15
CVE-2003-0859 [MEDIUM] CVE-2003-0859: The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial o
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
nvd
CVE-2003-0699HIGHCVSS 7.5v2.12003-08-27
CVE-2003-0699 [HIGH] CVE-2003-0699: The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access use
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700.
nvd