Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.
Max CVSS
10.0
EPSS Score
7.14%
Published
2000-05-24
Updated
2008-09-10
libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro.
Max CVSS
5.0
EPSS Score
2.42%
Published
2000-06-19
Updated
2008-09-10
GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages.
Max CVSS
5.0
EPSS Score
0.94%
Published
2003-05-05
Updated
2017-10-11
gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference.
Max CVSS
5.0
EPSS Score
1.44%
Published
2003-09-17
Updated
2017-10-11
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.
Max CVSS
5.0
EPSS Score
0.41%
Published
2003-08-27
Updated
2017-10-11
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name.
Max CVSS
5.0
EPSS Score
0.41%
Published
2003-08-27
Updated
2017-10-11
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not restrict the size of input, which allows attackers to cause a denial of service (memory consumption).
Max CVSS
2.1
EPSS Score
0.06%
Published
2003-11-17
Updated
2017-07-11
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results.
Max CVSS
2.1
EPSS Score
0.06%
Published
2003-11-17
Updated
2017-07-11
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
Max CVSS
5.0
EPSS Score
1.25%
Published
2004-04-15
Updated
2017-10-10
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
Max CVSS
5.0
EPSS Score
10.58%
Published
2004-10-20
Updated
2023-08-11
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.
Max CVSS
5.0
EPSS Score
17.59%
Published
2004-10-20
Updated
2023-08-11
Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.
Max CVSS
10.0
EPSS Score
7.00%
Published
2005-01-27
Updated
2017-10-11
Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.
Max CVSS
10.0
EPSS Score
4.64%
Published
2005-01-27
Updated
2017-07-11
Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.
Max CVSS
7.5
EPSS Score
1.79%
Published
2005-05-02
Updated
2024-02-02
Format string vulnerability in gedit 2.10.2 may allow attackers to cause a denial of service (application crash) via a bin file with format string specifiers in the filename. NOTE: while this issue is triggered on the command line by the gedit user, it has been reported that web browsers and email clients could be configured to provide a file name as an argument to gedit, so there is a valid attack that crosses security boundaries.
Max CVSS
2.6
EPSS Score
0.59%
Published
2005-05-20
Updated
2018-10-03
Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers.
Max CVSS
7.5
EPSS Score
8.33%
Published
2005-08-12
Updated
2018-10-03
Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab.
Max CVSS
7.5
EPSS Score
10.99%
Published
2005-08-12
Updated
2018-10-03
io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.
Max CVSS
7.8
EPSS Score
0.87%
Published
2005-11-18
Updated
2023-08-11
Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.
Max CVSS
7.5
EPSS Score
1.27%
Published
2005-11-18
Updated
2023-08-03
GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml.
Max CVSS
5.0
EPSS Score
1.83%
Published
2006-03-10
Updated
2018-10-19
The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.
Max CVSS
5.0
EPSS Score
17.36%
Published
2006-02-02
Updated
2018-10-03
Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used.
Max CVSS
2.6
EPSS Score
0.87%
Published
2006-06-02
Updated
2010-04-02
Unspecified vulnerability in NetworkManager daemon for DHCP (dhcdbd) allows remote attackers to cause a denial of service (crash) via certain invalid DHCP responses that trigger memory corruption.
Max CVSS
5.0
EPSS Score
2.15%
Published
2006-06-16
Updated
2018-10-03
The GConf daemon (gconfd) in GConf 2.14.0 creates temporary files under directories with names based on the username, even when GCONF_GLOBAL_LOCKS is not set, which allows local users to cause a denial of service by creating the directories ahead of time, which prevents other users from using Gnome.
Max CVSS
1.9
EPSS Score
0.04%
Published
2006-12-22
Updated
2011-03-08
The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.
Max CVSS
2.1
EPSS Score
0.09%
Published
2007-01-24
Updated
2022-02-07
86 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!