Search
Total
1258 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1519 | 1 Glpng | 1 Glpng | 2018-10-10 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in glpng.c in glpng 1.45 allow context-dependent attackers to execute arbitrary code via a crafted PNG image, related to (1) the pngLoadRawF function and (2) the pngLoadF function, leading to heap-based buffer overflows. | |||||
| CVE-2010-1199 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node. | |||||
| CVE-2010-1103 | 1 Mesadynamics | 1 Stainless | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in Stainless allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
| CVE-2010-1102 | 1 Omnigroup | 1 Omniweb | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in OmniWeb allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
| CVE-2010-1101 | 1 Icab | 1 Icab | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in Alexander Clauss iCab allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
| CVE-2010-1100 | 1 Arora-browser | 1 Arora | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in Arora allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
| CVE-2010-1099 | 1 Apple | 1 Safari | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
| CVE-2010-0766 | 1 Luxology | 1 Modo | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in the Swap4 function in valet4.dll in Luxology Modo 401 allows user-assisted remote attackers to execute arbitrary code via a .LXO file containing a CHNL subchunk associated with an invalid length. | |||||
| CVE-2010-0519 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-10 | 6.8 MEDIUM | N/A |
| Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a FlashPix image with a malformed SubImage Header Stream containing a NumberOfTiles field with a large value. | |||||
| CVE-2010-0405 | 2 Bzip, Libzip2 | 2 Bzip2, Libzip2 | 2018-10-10 | 5.1 MEDIUM | N/A |
| Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted compressed file. | |||||
| CVE-2010-0280 | 2 Google, Jan Eric Krprianidis | 2 Google Sketchup, Lib3ds | 2018-10-10 | 9.3 HIGH | N/A |
| Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c. | |||||
| CVE-2009-4356 | 1 Nullsoft | 1 Winamp | 2018-10-10 | 9.3 HIGH | N/A |
| Multiple integer overflows in the jpeg.w5s and png.w5s filters in Winamp before 5.57 allow remote attackers to execute arbitrary code via malformed (1) JPEG or (2) PNG data in an MP3 file. | |||||
| CVE-2009-4003 | 1 Adobe | 1 Shockwave Player | 2018-10-10 | 9.3 HIGH | N/A |
| Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption. | |||||
| CVE-2009-4001 | 1 Xnview | 1 Xnview | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow. | |||||
| CVE-2009-3997 | 1 Nullsoft | 1 Winamp | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57 might allow remote attackers to execute arbitrary code via an Oktalyzer file that triggers a heap-based buffer overflow. | |||||
| CVE-2009-3743 | 1 Artifex | 3 Afpl Ghostscript, Ghostscript Fonts, Gpl Ghostscript | 2018-10-10 | 9.3 HIGH | N/A |
| Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an integer overflow and a heap-based buffer overflow. | |||||
| CVE-2009-3586 | 1 Frank Yaul | 1 Corehttp | 2018-10-10 | 7.5 HIGH | N/A |
| Off-by-one error in src/http.c in CoreHTTP 0.5.3.1 and earlier allows remote attackers to cause a denial of service or possibly execute arbitrary code via an HTTP request with a long first line that triggers a buffer overflow. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2007-4060. | |||||
| CVE-2009-2754 | 2 Emc, Ibm | 2 Legato Networker, Informix Dynamic Server | 2018-10-10 | 10.0 HIGH | N/A |
| Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow. | |||||
| CVE-2009-2539 | 1 Aigo | 1 Aigo Md P8860 | 2018-10-10 | 7.8 HIGH | N/A |
| The Aigo P8860 allows remote attackers to cause a denial of service (memory consumption and browser hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | |||||
| CVE-2009-2355 | 1 Dan Cahill | 1 Nulllogic Groupware | 2018-10-10 | 4.0 MEDIUM | N/A |
| The forum module in NullLogic Groupware 1.2.7 allows remote authenticated users to cause a denial of service (application crash) by specifying (1) an empty string or (2) a non-numeric string when selecting a forum, related to the fmessagelist function. | |||||
| CVE-2009-2347 | 1 Libtiff | 1 Libtiff | 2018-10-10 | 9.3 HIGH | N/A |
| Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr. | |||||
| CVE-2009-2295 | 1 Jun Furuse | 1 Camlimages | 2018-10-10 | 7.5 HIGH | N/A |
| Multiple integer overflows in CamlImages 2.2 and earlier might allow context-dependent attackers to execute arbitrary code via a crafted PNG image with large width and height values that trigger a heap-based buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24 function. | |||||
| CVE-2009-2294 | 1 Dillo | 1 Dillo | 2018-10-10 | 7.5 HIGH | N/A |
| Integer overflow in the Png_datainfo_callback function in Dillo 2.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a PNG image with crafted (1) width or (2) height values. | |||||
| CVE-2009-1882 | 1 Imagemagick | 1 Imagemagick | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer overflow. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2009-1869 | 1 Adobe | 3 Air, Flash Player, Flex | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer. | |||||
| CVE-2009-1717 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-10 | 6.8 MEDIUM | N/A |
| Integer overflow in Terminal in Apple Mac OS X 10.5 before 10.5.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted size value in a CSI[4 xterm resize escape sequence that triggers a heap-based buffer overflow. | |||||
| CVE-2009-1566 | 1 Roxio | 2 Creator, Easy Media Creator | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in Roxio Easy Media Creator 9.0.136, and Roxio Creator 2010 before SP1, might allow remote attackers to execute arbitrary code via an image with crafted dimensions. | |||||
| CVE-2009-1385 | 2 Intel, Linux | 3 E1000, Kernel, Linux Kernel | 2018-10-10 | 7.8 HIGH | N/A |
| Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote attackers to cause a denial of service (panic) via a crafted frame size. | |||||
| CVE-2009-1194 | 1 Pango | 1 Pango | 2018-10-10 | 6.8 MEDIUM | N/A |
| Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location value in Firefox. | |||||
| CVE-2009-1188 | 1 Poppler | 1 Poppler | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document. | |||||
| CVE-2009-1187 | 1 Poppler | 1 Poppler | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc). | |||||
| CVE-2009-1099 | 1 Sun | 2 Java Runtime Environment, Java Se Development Kit | 2018-10-10 | 7.5 HIGH | N/A |
| Integer signedness error in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via crafted glyph descriptions in a Type1 font, which bypasses a signed comparison and triggers a buffer overflow. | |||||
| CVE-2009-1095 | 1 Sun | 2 Jdk, Jre | 2018-10-10 | 10.0 HIGH | N/A |
| Integer overflow in unpack200 in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers. | |||||
| CVE-2009-0847 | 1 Mit | 1 Kerberos | 2018-10-10 | 4.3 MEDIUM | N/A |
| The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic. | |||||
| CVE-2009-0787 | 1 Linux | 1 Linux Kernel | 2018-10-10 | 4.9 MEDIUM | N/A |
| The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory. | |||||
| CVE-2009-0792 | 2 Argyllcms, Ghostscript | 2 Argyllcms, Ghostscript | 2018-10-10 | 9.3 HIGH | N/A |
| Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly execute arbitrary code by using a device file for a translation request that operates on a crafted image file and targets a certain "native color space," related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. NOTE: this issue exists because of an incomplete fix for CVE-2009-0583. | |||||
| CVE-2009-0698 | 1 Xine | 1 Xine-lib | 2018-10-10 | 7.5 HIGH | N/A |
| Integer overflow in the 4xm demuxer (demuxers/demux_4xm.c) in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a 4X movie file with a large current_track value, a similar issue to CVE-2009-0385. | |||||
| CVE-2009-0608 | 1 Android | 1 Android Sdk | 2018-10-10 | 7.2 HIGH | N/A |
| Integer overflow in the showLog function in fake_log_device.c in liblog in Open Handset Alliance Android 1.0 allows attackers to trigger a buffer overflow and possibly have unspecified other impact by sending a large number of input lines. | |||||
| CVE-2009-0607 | 1 Openhandsetalliance | 1 Android Sdk | 2018-10-10 | 7.2 HIGH | N/A |
| Multiple integer overflows in malloc_leak.c in Bionic in Open Handset Alliance Android 1.0 have unknown impact and attack vectors, related to the (1) chk_calloc and (2) leak_calloc functions. | |||||
| CVE-2009-0585 | 1 Joe Shaw | 1 Libsoup | 2018-10-10 | 7.5 HIGH | N/A |
| Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation. | |||||
| CVE-2009-0584 | 2 Argyllcms, Ghostscript | 2 Cms, Ghostscript | 2018-10-10 | 9.3 HIGH | N/A |
| icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. | |||||
| CVE-2009-0586 | 1 Gstreamer | 1 Gst-plugins-base | 2018-10-10 | 7.5 HIGH | N/A |
| Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via a crafted COVERART tag that is converted from a base64 representation, which triggers a heap-based buffer overflow. | |||||
| CVE-2009-0587 | 1 Go-evolution | 1 Evolution-data-server | 2018-10-10 | 7.5 HIGH | N/A |
| Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel. | |||||
| CVE-2012-0711 | 3 Ibm, Linux, Sun | 4 Aix, Db2, Linux Kernel and 1 more | 2018-10-10 | 7.5 HIGH | N/A |
| Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 through FP11, 9.5 before FP9, and 9.7 through FP5 on UNIX platforms allows remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow. | |||||
| CVE-2015-8221 | 1 Google | 1 Picasa | 2018-10-09 | 10.0 HIGH | N/A |
| Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow. | |||||
| CVE-2015-8396 | 1 Grassroots Dicom Project | 1 Grassroots Dicom | 2018-10-09 | 10.0 HIGH | 10.0 CRITICAL |
| Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitrary code via crafted header dimensions in a DICOM image file, which triggers a buffer overflow. | |||||
| CVE-2015-8096 | 1 Google | 1 Picasa | 2018-10-09 | 10.0 HIGH | N/A |
| Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute arbitrary code via unspecified vectors related to "phase one 0x412 tag," which triggers a heap-based buffer overflow. | |||||
| CVE-2015-3885 | 2 Dcraw Project, Fedoraproject | 2 Dcraw, Fedora | 2018-10-09 | 4.3 MEDIUM | N/A |
| Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable. | |||||
| CVE-2015-0261 | 1 Tcpdump | 1 Tcpdump | 2018-10-09 | 7.5 HIGH | N/A |
| Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (out-of-bounds read and crash) or possibly execute arbitrary code via a negative length value. | |||||
| CVE-2014-9029 | 1 Jasper Project | 1 Jasper | 2018-10-09 | 7.5 HIGH | N/A |
| Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow. | |||||