Total
1251 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-0062 | 1 Vmware | 5 Ace, Player, Server and 2 more | 2018-10-16 | 10.0 HIGH | N/A |
Integer overflow in the ISC dhcpd 3.0.x before 3.0.7 and 3.1.x before 3.1.1; and the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528; allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a malformed DHCP packet with a large dhcp-max-message-size that triggers a stack-based buffer overflow, related to servers configured to send many DHCP options to clients. | |||||
CVE-2007-0008 | 1 Mozilla | 4 Firefox, Network Security Services, Seamonkey and 1 more | 2018-10-16 | 6.8 MEDIUM | N/A |
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to execute arbitrary code via a crafted SSLv2 server message containing a public key that is too short to encrypt the "Master Secret", which results in a heap-based overflow. | |||||
CVE-2008-0986 | 1 Google | 1 Android Sdk | 2018-10-15 | 7.5 HIGH | N/A |
Integer overflow in the BMP::readFromStream method in the libsgl.so library in Google Android SDK m3-rc37a and earlier, and m5-rc14, allows remote attackers to execute arbitrary code via a crafted BMP file with a header containing a negative offset field. | |||||
CVE-2008-0944 | 1 Ipswitch | 1 Instant Messaging | 2018-10-15 | 5.0 MEDIUM | N/A |
Ipswitch Instant Messaging (IM) 2.0.8.1 and earlier allows remote attackers to cause a denial of service (NULL dereference and application crash) via a version field containing zero. | |||||
CVE-2008-0767 | 2 Extremez, Extremez-ip | 2 Print Server, File Server | 2018-10-15 | 5.0 MEDIUM | N/A |
ExtremeZ-IP.exe in ExtremeZ-IP File and Print Server 5.1.2x15 and earlier does not verify that a certain "number of URLs" field is consistent with the packet length, which allows remote attackers to cause a denial of service (daemon crash) via a large integer in this field in a packet to the Service Location Protocol (SLP) service on UDP port 427, triggering an out-of-bounds read. | |||||
CVE-2008-0726 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2018-10-15 | 9.3 HIGH | N/A |
Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption. | |||||
CVE-2008-0486 | 2 Mplayer, Xine | 2 Mplayer, Xine-lib | 2018-10-15 | 7.5 HIGH | N/A |
Array index vulnerability in libmpdemux/demux_audio.c in MPlayer 1.0rc2 and SVN before r25917, and possibly earlier versions, as used in Xine-lib 1.1.10, might allow remote attackers to execute arbitrary code via a crafted FLAC tag, which triggers a buffer overflow. | |||||
CVE-2008-0434 | 1 Gecad Technologies | 1 Axigen Mail Server | 2018-10-15 | 9.3 HIGH | N/A |
Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command. | |||||
CVE-2008-0485 | 1 Mplayer | 1 Mplayer | 2018-10-15 | 9.3 HIGH | N/A |
Array index error in libmpdemux/demux_mov.c in MPlayer 1.0 rc2 and earlier might allow remote attackers to execute arbitrary code via a QuickTime MOV file with a crafted stsc atom tag. | |||||
CVE-2008-0062 | 2 Apple, Mit | 3 Mac Os X, Mac Os X Server, Kerberos 5 | 2018-10-15 | 9.3 HIGH | N/A |
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer dereference or double-free. | |||||
CVE-2007-6627 | 1 Feng | 1 Feng | 2018-10-15 | 7.5 HIGH | N/A |
Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an RTP packet with a size value of 0xffff. | |||||
CVE-2007-6523 | 1 Opera | 1 Opera Browser | 2018-10-15 | 7.8 HIGH | N/A |
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks. | |||||
CVE-2007-6429 | 1 X.org | 3 Evi, Mit-shm, Xserver | 2018-10-15 | 9.3 HIGH | N/A |
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by the EVI extension, or (2) a request containing values related to pixmap size that are improperly used in management of shared memory by the MIT-SHM extension. | |||||
CVE-2007-6352 | 1 Libexif | 1 Libexif | 2018-10-15 | 6.8 MEDIUM | N/A |
Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c. | |||||
CVE-2007-6113 | 1 Wireshark | 1 Wireshark | 2018-10-15 | 4.3 MEDIUM | N/A |
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet. | |||||
CVE-2007-6067 | 2 Postgresql, Tcl Tk | 2 Postgresql, Tcl Tk | 2018-10-15 | 6.8 MEDIUM | N/A |
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states. | |||||
CVE-2007-5416 | 1 Drupal | 1 Drupal | 2018-10-15 | 6.8 MEDIUM | N/A |
Drupal 5.2 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by invoking the drupal_eval function through a callback parameter to the default URI, as demonstrated by the _menu[callbacks][1][callback] parameter. NOTE: it could be argued that this vulnerability is due to a bug in the unset PHP command (CVE-2006-3017) and the proper fix should be in PHP; if so, then this should not be treated as a vulnerability in Drupal. | |||||
CVE-2007-5369 | 1 Massive Entertainment | 1 World In Conflict | 2018-10-15 | 5.0 MEDIUM | N/A |
The GetMagicNumberString function in Massive Entertainment World in Conflict 1.000 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a string to the VoIP port (52999/tcp) with an invalid value in the third byte. | |||||
CVE-2007-5267 | 1 Libpng | 1 Libpng | 2018-10-15 | 4.3 MEDIUM | N/A |
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image, due to an incorrect fix for CVE-2007-5266. | |||||
CVE-2007-5250 | 1 Americasarmy | 2 America\'s Army, America\'s Army Special Forces | 2018-10-15 | 4.3 MEDIUM | N/A |
The Windows dedicated server for the Unreal engine, as used by America's Army and America's Army Special Forces 2.8.2 and earlier, when Punkbuster (PB) is enabled, allows remote attackers to cause a denial of service (server hang) via packets containing 0x07 characters or other unspecified invalid characters. NOTE: this issue may overlap CVE-2007-4443. NOTE: this issue might be in Punkbuster itself, but there are insufficient details to be certain. |