CVE Tools

caldera

Operating Systemscommercial

82

Cumulative CVEs

24

Monthly snapshots

#4

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting caldera.

CVE-2014-2936The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection attacks in the global scope via (1) the maindir_hotfolder parameter to dirmng/index.php, or an unspecifie...7.5May 8, 2014
CVE-2014-2935costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute arbitrary commands via shell metacharacters in a methodCall element in a PHP XMLRPC request.10.0May 8, 2014
CVE-2014-2934Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute arbitrary SQL commands via the tr parameter to (1) costview2/jobs.php or (2) costview2/printers.php.7.5May 8, 2014
CVE-2014-2933Directory traversal vulnerability in dirmng/index.php in Caldera 9.20 allows remote attackers to access arbitrary directories via a crafted pathname.5.0May 8, 2014
CVE-2001-1577Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused.7.5Aug 5, 2005
CVE-2001-1576Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.4.6Aug 5, 2005
CVE-2001-1478Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.7.2Jun 21, 2005
CVE-2002-0835Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.5.0Sep 1, 2004
CVE-2002-1231SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp call on /proc.2.1Sep 1, 2004
CVE-2002-1199The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map...5.0Sep 1, 2004
CVE-2003-0658Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files v...5.0Sep 3, 2003
CVE-2002-0679Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.10.0Apr 2, 2003
CVE-2002-0678CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.7.2Apr 2, 2003
CVE-2002-0988Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities.10.0Apr 2, 2003
CVE-2002-0987X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.7.2Apr 2, 2003