This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-05-29 17:22:06 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
---|---|
322d4ff6-85c3-11d8-a41f-0020ed76ef5a | Midnight Commander buffer overflow during symlink resolution Midnight Commander uses a fixed sized stack buffer while resolving symbolic links within file archives (tar or cpio). If an attacker can cause a user to process a specially crafted file archive with Midnight Commander, the attacker may be able to obtain the privileges of the target user. Discovery 2003-09-19 Entry 2004-04-03 Modified 2004-04-13 mc < 4.6.0_9 CVE-2003-1023 http://marc.theaimsgroup.com/?l=bugtraq&m=106399528518704 8658 |
2b2b333b-6bd3-11d9-95f8-000a95bc6fae | mc -- multiple vulnerabilities Andrew V. Samoilov reported several vulnerabilities that were corrected in MidnightCommand 4.6.0:
Discovery 2004-12-01 Entry 2005-01-21 mc < 4.6.0 CVE-2004-1004 CVE-2004-1005 CVE-2004-1009 CVE-2004-1090 CVE-2004-1091 CVE-2004-1092 CVE-2004-1093 |
7884d56f-f7a1-11d8-9837-000c41e2cdad | gnomevfs -- unsafe URI handling Alexander Larsson reports that some versions of gnome-vfs and MidnightCommander contain a number of `extfs' scripts that do not properly validate user input. If an attacker can cause her victim to process a specially-crafted URI, arbitrary commands can be executed with the privileges of the victim. Discovery 2004-08-04 Entry 2004-08-26 gnomevfs2 < 2.6.2_1 gnomevfs < 1.0.5_6 mc le 4.6.0_12 CVE-2004-0494 10864 http://www.ciac.org/ciac/bulletins/o-194.shtml http://xforce.iss.net/xforce/xfdb/16897 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=127263 |
0c6f3fde-9c51-11d8-9366-0020ed76ef5a | Midnight Commander buffer overflows, format string bugs, and insecure temporary file handling Jakub Jelinek reports several security related bugs in Midnight Commander, including:
Discovery 2004-04-29 Entry 2004-05-02 Modified 2004-06-14 mc < 4.6.0_10 CVE-2004-0226 CVE-2004-0231 CVE-2004-0232 |