Total
1547 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-1741 | 1 Apache | 1 Http Server | 2024-02-28 | 6.2 MEDIUM | N/A |
Multiple race conditions in suexec in Apache HTTP Server (httpd) 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." | |||||
CVE-2007-6599 | 2 Debian, Openafs | 2 Debian Linux, Openafs | 2024-02-28 | 4.3 MEDIUM | N/A |
Race condition in fileserver in OpenAFS 1.3.50 through 1.4.5 and 1.5.0 through 1.5.27 allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock. | |||||
CVE-2006-6275 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 4.7 MEDIUM | N/A |
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors, possibly related to the exitlwps function and SIGKILL and /proc PCAGENT signals. | |||||
CVE-2007-0997 | 1 Linux | 1 Linux Kernel | 2024-02-28 | 6.9 MEDIUM | N/A |
Race condition in the tee (sys_tee) system call in the Linux kernel 2.6.17 through 2.6.17.6 might allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified vectors related to a potentially dropped ipipe lock during a race between two pipe readers. | |||||
CVE-2007-5154 | 1 Aimluck | 2 Aipo, Aipo Asp | 2024-02-28 | 5.8 MEDIUM | N/A |
Session fixation vulnerability in Aipo and Aipo ASP 3.0.1.0 and earlier allows remote attackers to hijack web sessions via unspecified vectors. | |||||
CVE-2007-6180 | 1 Sun | 1 Solaris | 2024-02-28 | 7.6 HIGH | N/A |
Race condition in the Remote Procedure Call kernel module (rpcmod) in Sun Solaris 8 through 10 allows local users to cause a denial of service (NULL dereference and panic) via unspecified vectors. | |||||
CVE-2007-3091 | 1 Microsoft | 6 Internet Explorer, Windows 2000, Windows 2003 Server and 3 more | 2024-02-28 | 7.1 HIGH | N/A |
Race condition in Microsoft Internet Explorer 6 SP1; 6 and 7 for Windows XP SP2 and SP3; 6 and 7 for Server 2003 SP2; 7 for Vista Gold, SP1, and SP2; and 7 for Server 2008 SP2 allows remote attackers to execute arbitrary code or perform other actions upon a page transition, with the permissions of the old page and the content of the new page, as demonstrated by setInterval functions that set location.href within a try/catch expression, aka the "bait & switch vulnerability" or "Race Condition Cross-Domain Information Disclosure Vulnerability." | |||||
CVE-2007-5132 | 1 Sun | 1 Solaris | 2024-02-28 | 4.9 MEDIUM | N/A |
Race condition in the kernel in Sun Solaris 8 through 10 allows local users to cause a denial of service (panic) via unspecified vectors related to "the handling of thread contexts." | |||||
CVE-2007-1249 | 1 Contelligent | 1 C1 Financial Services | 2024-02-28 | 6.8 MEDIUM | N/A |
MoveSortedContentAction in C1 Financial Services Contelligent 9.1.4 does not check "the additional environment security configuration," which allows remote attackers with write permissions to reorder components. | |||||
CVE-2007-5847 | 1 Apple | 1 Mac Os X | 2024-02-28 | 6.6 MEDIUM | N/A |
Race condition in the CFURLWriteDataAndPropertiesToResource API in Core Foundation in Apple Mac OS X 10.4.11 creates files with insecure permissions, which might allow local users to obtain sensitive information. | |||||
CVE-2006-5178 | 1 Php | 1 Php | 2024-02-28 | 6.2 MEDIUM | N/A |
Race condition in the symlink function in PHP 5.1.6 and earlier allows local users to bypass the open_basedir restriction by using a combination of symlink, mkdir, and unlink functions to change the file path after the open_basedir check and before the file is opened by the underlying system, as demonstrated by symlinking a symlink into a subdirectory, to point to a parent directory via .. (dot dot) sequences, and then unlinking the resulting symlink. | |||||
CVE-2007-6429 | 1 X.org | 3 Evi, Mit-shm, Xserver | 2024-02-28 | 9.3 HIGH | N/A |
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension. | |||||
CVE-2007-5794 | 1 Nss Ldap | 1 Nss Ldap | 2024-02-28 | 4.3 MEDIUM | N/A |
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was originally reported for Dovecot with the wrong mailboxes being returned, but other applications might also be affected. | |||||
CVE-2005-3240 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 5.1 MEDIUM | N/A |
Race condition in Microsoft Internet Explorer allows user-assisted attackers to overwrite arbitrary files and possibly execute code by tricking a user into performing a drag-and-drop action from certain objects, such as file objects within a folder view, then predicting the drag action, and re-focusing to a malicious window. | |||||
CVE-2004-2697 | 1 Ibm | 1 Aix | 2024-02-28 | 6.9 MEDIUM | N/A |
The Inventory Scout daemon (invscoutd) 1.3.0.0 and 2.0.2 for AIX 4.3.3 and 5.1 allows local users to gain privileges via a symlink attack on a command line argument (log file). NOTE: this might be related to CVE-2006-5002. | |||||
CVE-2006-1057 | 1 Gnome | 1 Gdm | 2024-02-28 | 3.7 LOW | N/A |
Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file. | |||||
CVE-2006-2094 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-02-28 | 5.1 MEDIUM | N/A |
Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing the control. | |||||
CVE-2004-2491 | 1 Opera | 1 Opera Browser | 2024-02-28 | 2.6 LOW | N/A |
A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks. | |||||
CVE-2004-2698 | 1 Imwheel | 1 Imwheel | 2024-02-28 | 6.9 MEDIUM | N/A |
Race condition in IMWheel 1.0.0pre11 and earlier, when running with the -k option, allows local users to cause a denial of service (IMWheel crash) and possibly modify arbitrary files via a symlink attack on the imwheel.pid file. | |||||
CVE-2004-2659 | 2 Mozilla, Opera | 2 Mozilla, Opera Browser | 2024-02-28 | 4.0 MEDIUM | N/A |
Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. NOTE: this is a different issue than CVE-2005-2407. |