Total
1251 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-0895 | 1 Novell | 1 Edirectory | 2017-08-16 | 10.0 HIGH | N/A |
Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow. | |||||
CVE-2009-2805 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-16 | 6.8 MEDIUM | N/A |
Integer overflow in CoreGraphics in Apple Mac OS X 10.4.11 and 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JBIG2 stream in a PDF file, leading to a heap-based buffer overflow. | |||||
CVE-2008-6671 | 1 Vertex4 | 1 Sunage | 2017-08-16 | 5.0 MEDIUM | N/A |
Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted join packet to UDP port 27960. | |||||
CVE-2008-6670 | 1 Vertex4 | 1 Sunage | 2017-08-16 | 5.0 MEDIUM | N/A |
Integer overflow in Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet to UDP port 27960. | |||||
CVE-2008-6680 | 1 Clamav | 1 Clamav | 2017-08-16 | 5.0 MEDIUM | N/A |
libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash) via a crafted EXE file that triggers a divide-by-zero error. | |||||
CVE-2008-6704 | 1 Stalker-game | 1 S.t.a.l.k.e.r.\ | 2017-08-16 | 5.0 MEDIUM | N/A |
Integer overflow in the NET_Compressor::Decompress function in S.T.A.L.K.E.R.: Shadow of Chernobyl 1.0006 and earlier allows remote attackers to cause a denial of service (server crash) via a crafted packet with a 0xc1 value that contains no compressed data, which triggers a copy of a large amount of memory. | |||||
CVE-2008-7126 | 1 Microfocus | 1 Visibroker | 2017-08-16 | 10.0 HIGH | N/A |
Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow. | |||||
CVE-2008-6661 | 2 Bitdefender, Linux | 2 Bitdefender Antivirus, Linux | 2017-08-16 | 5.0 MEDIUM | N/A |
Multiple integer overflows in the scanning engine in Bitdefender for Linux 7.60825 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed (1) NeoLite and (2) ASProtect packed PE file. | |||||
CVE-2008-6672 | 1 Vertex4 | 1 Sunage | 2017-08-16 | 5.0 MEDIUM | N/A |
Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service ("runtime error") via a crafted join packet to UDP port 27960, probably related to an invalid nickname command. | |||||
CVE-2008-6085 | 1 F-secure | 17 F-secure Anti-virus, F-secure Anti-virus For Citrix Servers, F-secure Anti-virus For Microsoft Exchange and 14 more | 2017-08-07 | 7.6 HIGH | N/A |
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow. | |||||
CVE-2009-0155 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-07 | 6.8 MEDIUM | N/A |
Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file that triggers a heap-based buffer overflow. | |||||
CVE-2008-5903 | 1 Xrdp | 1 Xrdp | 2017-08-07 | 7.5 HIGH | N/A |
Array index error in the xrdp_bitmap_def_proc function in xrdp/funcs.c in xrdp 0.4.1 and earlier allows remote attackers to execute arbitrary code via vectors that manipulate the value of the edit_pos structure member. | |||||
CVE-2008-5744 | 1 Asterisk | 1 Zaptel | 2017-08-07 | 7.2 HIGH | N/A |
Array index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check against the value of lc->sync. | |||||
CVE-2008-5714 | 1 Qemu | 1 Qemu | 2017-08-07 | 7.8 HIGH | N/A |
Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended. | |||||
CVE-2008-4799 | 1 Netpbm | 1 Netpbm | 2017-08-07 | 4.3 MEDIUM | N/A |
pamperspective in Netpbm before 10.35.48 does not properly calculate a window height, which allows context-dependent attackers to cause a denial of service (crash) via a crafted image file that triggers an out-of-bounds read. | |||||
CVE-2008-3910 | 1 Hsc | 1 Dns2tcp | 2017-08-07 | 10.0 HIGH | N/A |
dns2tcp before 0.4.1 does not properly handle negative values in a certain length field in the input argument to the (1) dns_simple_decode or (2) dns_decode function, which allows remote attackers to overwrite a buffer and have unspecified other impact. | |||||
CVE-2008-3616 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2017-08-07 | 10.0 HIGH | N/A |
Multiple integer overflows in the SearchKit API in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via vectors associated with "passing untrusted input" to unspecified API functions. | |||||
CVE-2008-3159 | 1 Novell | 1 Edirectory | 2017-08-07 | 10.0 HIGH | N/A |
Integer overflow in ds.dlm, as used by dhost.exe, in Novell eDirectory 8.7.3.10 before 8.7.3 SP10b and 8.8 before 8.8.2 ftf2 allows remote attackers to execute arbitrary code via unspecified vectors that trigger a stack-based buffer overflow, related to "flawed arithmetic." | |||||
CVE-2008-3573 | 2 Php-nuke, Pligg | 2 Php-nuke, Pligg | 2017-08-07 | 5.0 MEDIUM | N/A |
The CAPTCHA implementation in (1) Pligg 9.9.5 and possibly (2) Francisco Burzi PHP-Nuke 8.1 provides a critical random number (the ts_random value) within the URL in the SRC attribute of an IMG element, which allows remote attackers to pass the CAPTCHA test via a calculation that combines this value with the current date and the HTTP User-Agent string. | |||||
CVE-2008-2696 | 1 Exiv2 | 1 Exiv2 | 2017-08-07 | 4.3 MEDIUM | N/A |
Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function. |