| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. |
| Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. |
| IRIX fam service allows an attacker to obtain a list of all files on the server. |
| Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter. |
| Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request. |
| Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line. |
| SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters. |
| Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges. |
| Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs. |
| Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions. |
| Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files. |
| The asynchronous I/O facility in 4.4 BSD kernel does not check user credentials when setting the recipient of I/O notification, which allows local users to cause a denial of service by using certain ioctl and fcntl calls to cause the signal to be sent to an arbitrary process ID. |
| Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port. |
| The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang). |
| colorview in Silicon Graphics IRIX 5.1, 5.2, and 6.0 allows local attackers to read arbitrary files via the -text argument. |
| Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands. |
| Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters. |
| inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file. |
