Filtered by vendor
Subscriptions
Total
1224 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2007-5030 | 1 Dibbler | 1 Dibbler | 2024-11-21 | N/A |
Multiple integer overflows in Dibbler 0.6.0 allow remote attackers to cause a denial of service (daemon crash) via packets containing options with large lengths, which trigger attempts at excessive memory allocation, as demonstrated by (1) the TSrvMsg constructor in SrvMessages/SrvMsg.cpp; the (2) TClntMsg, (3) TClntOptIAAddress, (4) TClntOptIAPrefix, (5) TOptVendorSpecInfo, and (6) TOptOptionRequest constructors; and the (7) TRelIfaceMgr::decodeRelayRepl, (8) TRelMsg::decodeOpts, and (9) TSrvIfaceMgr::decodeRelayForw methods. | ||||
CVE-2007-5029 | 1 Dibbler | 1 Dibbler | 2024-11-21 | N/A |
Dibbler 0.6.0 does not verify that certain length parameters are appropriate for buffer sizes, which allows remote attackers to trigger a buffer over-read and cause a denial of service (daemon crash), as demonstrated by incorrect behavior of the TSrvMsg constructor in SrvMessages/SrvMsg.cpp when (1) reading the option code and option length and (2) parsing options. | ||||
CVE-2007-5004 | 2 Broadcom, Ca | 3 Brightstor Arcserve Backup Laptops Desktops, Desktop Management Suite, Protection Suites | 2024-11-21 | N/A |
Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain "useless" password. | ||||
CVE-2007-4997 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | N/A |
Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA flag is set, aka an "off-by-two error." | ||||
CVE-2007-4995 | 2 Openssl, Redhat | 2 Openssl, Enterprise Linux | 2024-11-21 | N/A |
Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
CVE-2007-4990 | 2 Redhat, X.org | 2 Enterprise Linux, X Font Server | 2024-11-21 | N/A |
The swap_char2b function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values that specify an arbitrary number of bytes to be swapped on the heap, which triggers heap corruption. | ||||
CVE-2007-4987 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
Off-by-one error in the ReadBlobString function in blob.c in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted image file, which triggers the writing of a '\0' character to an out-of-bounds address. | ||||
CVE-2007-4986 | 2 Imagemagick, Redhat | 2 Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow. | ||||
CVE-2007-4980 | 1 Gcaldaemon | 1 Gcaldaemon | 2024-11-21 | N/A |
The readRequest method in org/gcaldaemon/core/http/HTTPListener.java in GCALDaemon 1.0-beta13 allows remote attackers to cause a denial of service via a large integer value in the Content-Length HTTP header, which triggers a fatal Java OutOfMemoryError. | ||||
CVE-2007-4940 | 3 Guliverkli, Mympc, Verycd | 3 Media Player Classic, Cd-storm, Stormplayer | 2024-11-21 | N/A |
Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a .avi file with certain large "indx truck size" and nEntriesInuse values. | ||||
CVE-2007-4904 | 1 Realnetworks | 2 Helix Player, Realplayer | 2024-11-21 | N/A |
RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 (FC6) and possibly other platforms, allow user-assisted remote attackers to cause a denial of service (application crash) via a malformed .au file that triggers a divide-by-zero error. | ||||
CVE-2007-4769 | 3 Postgresql, Redhat, Tcl Tk | 4 Postgresql, Enterprise Linux, Rhel Application Stack and 1 more | 2024-11-21 | N/A |
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number. | ||||
CVE-2007-4766 | 1 Pcre | 1 Pcre | 2024-11-21 | N/A |
Multiple integer overflows in Perl-Compatible Regular Expression (PCRE) library before 7.3 allow context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via unspecified escape (backslash) sequences. | ||||
CVE-2007-4686 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | N/A |
Integer signedness error in the ttioctl function in bsd/kern/tty.c in the xnu kernel in Apple Mac OS X 10.4 through 10.4.10 allows local users to cause a denial of service (system shutdown) or gain privileges via a crafted TIOCSETD ioctl request. | ||||
CVE-2007-4674 | 1 Apple | 1 Quicktime | 2024-11-21 | N/A |
An "integer arithmetic" error in Apple QuickTime 7.2 allows remote attackers to execute arbitrary code via a crafted movie file containing a movie atom with a large size value, which triggers a stack-based buffer overflow. | ||||
CVE-2007-4657 | 3 Canonical, Debian, Php | 3 Ubuntu Linux, Debian Linux, Php | 2024-11-21 | N/A |
Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, allow remote attackers to obtain sensitive information (memory contents) or cause a denial of service (thread crash) via a large len value to the (1) strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE: this affects different product versions than CVE-2007-3996. | ||||
CVE-2007-4622 | 1 Ibm | 1 Aix | 2024-11-21 | N/A |
Integer underflow in the dns_name_fromtext function in (1) libdns_nonsecure.a and (2) libdns_secure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" (TSIG key) command line argument to dig. | ||||
CVE-2007-4619 | 3 Flac, Nullsoft, Redhat | 3 Libflac, Winamp, Enterprise Linux | 2024-11-21 | N/A |
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow. | ||||
CVE-2007-4578 | 1 Sophos | 3 Anti-virus, Scanning Engine, Small Business Suite | 2024-11-21 | N/A |
Sophos Anti-Virus for Windows and for Unix/Linux before 2.48.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UPX packed file, resulting from an "integer cast around". NOTE: as of 20070828, the vendor says this is a DoS and the researcher says this allows code execution, but the researcher is reliable. | ||||
CVE-2007-4568 | 2 Redhat, X.org | 2 Enterprise Linux, X Font Server | 2024-11-21 | N/A |
Integer overflow in the build_range function in X.Org X Font Server (xfs) before 1.0.5 allows context-dependent attackers to execute arbitrary code via (1) QueryXBitmaps and (2) QueryXExtents protocol requests with crafted size values, which triggers a heap-based buffer overflow. |