Redhat : Security Vulnerabilities, CVEs, Published In 2007 (Overflow) CVSS score >= 8
Heap-based buffer overflow in cygwin1.dll in Cygwin 1.5.7 and earlier allows context-dependent attackers to execute arbitrary code via a filename with a certain length, as demonstrated by a remote authenticated user who uses the SCP protocol to send a file to the Cygwin machine, and thereby causes scp.exe on this machine to execute, and then overwrite heap memory with characters from the filename. NOTE: it is also reported that a related issue might exist in 1.5.7 through 1.5.19.
Max CVSS
8.5
EPSS Score
2.33%
Published
2007-11-30
Updated
2018-10-26
Integer overflow in the bdfReadCharacters function in bdfread.c in (1) X.Org libXfont before 20070403 and (2) freetype 2.3.2 and earlier allows remote authenticated users to execute arbitrary code via crafted BDF fonts, which result in a heap overflow.
Max CVSS
8.5
EPSS Score
5.03%
Published
2007-04-06
Updated
2018-10-16
2 vulnerabilities found