Total
1251 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-4397 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2011-01-18 | 9.3 HIGH | N/A |
Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code via a crafted TIT2 atom in an AAC file. | |||||
CVE-2010-2999 | 3 Apple, Linux, Realnetworks | 4 Mac Os X, Linux Kernel, Realplayer and 1 more | 2011-01-18 | 9.3 HIGH | N/A |
Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed MLLT atom in an AAC file. | |||||
CVE-2010-1319 | 1 Realnetworks | 3 Helix Mobile Server, Helix Server, Helix Server Mobile | 2010-12-28 | 10.0 HIGH | N/A |
Integer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via a request with a crafted payload length. | |||||
CVE-2010-3792 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2010-12-10 | 6.8 MEDIUM | N/A |
Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG movie file. | |||||
CVE-2010-4502 | 1 Ca | 1 Internet Security Suite Plus 2010 | 2010-12-08 | 7.2 HIGH | N/A |
Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users to cause a denial of service (pool corruption) and execute arbitrary code via crafted arguments to the 0x88000080 IOCTL, which triggers a buffer overflow. | |||||
CVE-2010-1526 | 1 Mono-project | 1 Libgdiplus | 2010-12-06 | 6.8 MEDIUM | N/A |
Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; (2) a crafted JPEG file, related to the gdip_load_jpeg_image_internal function in jpegcodec.c; or (3) a crafted BMP file, related to the gdip_read_bmp_image function in bmpcodec.c, leading to heap-based buffer overflows. | |||||
CVE-2010-4070 | 1 Ibm | 1 Informix Dynamic Server | 2010-10-26 | 10.0 HIGH | N/A |
Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308. | |||||
CVE-2010-1866 | 1 Php | 1 Php | 2010-09-29 | 7.5 HIGH | N/A |
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder. | |||||
CVE-2010-2530 | 3 Apple, Freebsd, Netbsd | 3 Mac Os X, Freebsd, Netbsd | 2010-09-29 | 4.9 MEDIUM | N/A |
Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 and earlier, FreeBSD, and Apple Mac OS X allow local users to cause a denial of service (panic) via a negative size value in a /dev/nsmb ioctl operation, as demonstrated by a (1) SMBIOC_LOOKUP or (2) SMBIOC_OPENSESSION ioctl call. | |||||
CVE-2010-2759 | 1 Mozilla | 1 Bugzilla | 2010-09-07 | 4.0 MEDIUM | N/A |
Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when PostgreSQL is used, does not properly handle large integers in (1) bug and (2) attachment phrases, which allows remote authenticated users to cause a denial of service (bug invisibility) via a crafted comment. | |||||
CVE-2010-1380 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-06-17 | 7.5 HIGH | N/A |
Integer overflow in the cgtexttops CUPS filter in Printing in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page sizes. | |||||
CVE-2010-0539 | 1 Apple | 3 Java 1.5, Java 1.6, Mac Os X | 2010-05-23 | 6.8 MEDIUM | N/A |
Integer signedness error in the window drawing implementation in Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted applet. | |||||
CVE-2010-1620 | 1 Gnustep | 1 Gnustep Base | 2010-05-12 | 7.2 HIGH | N/A |
Integer overflow in the load_iface function in Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 might allow context-dependent attackers to execute arbitrary code via a (1) file or (2) socket that provides configuration data with many entries, leading to a heap-based buffer overflow. | |||||
CVE-2009-4835 | 1 Mega-nerd | 1 Libsndfile | 2010-05-10 | 4.3 MEDIUM | N/A |
The (1) htk_read_header, (2) alaw_init, (3) ulaw_init, (4) pcm_init, (5) float32_init, and (6) sds_read_header functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted audio file. | |||||
CVE-2009-4638 | 1 Ffmpeg | 1 Ffmpeg | 2010-05-03 | 4.3 MEDIUM | N/A |
Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | |||||
CVE-2009-4631 | 1 Ffmpeg | 1 Ffmpeg | 2010-05-03 | 9.3 HIGH | N/A |
Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption. | |||||
CVE-2010-1179 | 1 Apple | 2 Iphone Os, Safari | 2010-03-29 | 9.3 HIGH | N/A |
Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly a related issue to CVE-2007-0024. | |||||
CVE-2009-4012 | 1 Linux.thai | 1 Libthai | 2010-03-25 | 10.0 HIGH | N/A |
Multiple integer overflows in LibThai before 0.1.13 might allow context-dependent attackers to execute arbitrary code via long strings that trigger heap-based buffer overflows, related to (1) thbrk/thbrk.c and (2) thwbrk/thwbrk.c. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-4413 | 1 Pps.jussieu | 1 Polipo | 2010-02-25 | 5.0 MEDIUM | N/A |
The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12, 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a large Content-Length value, which triggers an integer overflow, a signed-to-unsigned conversion error with a negative value, and a segmentation fault. | |||||
CVE-2010-0561 | 1 Netbsd | 1 Netbsd | 2010-02-08 | 4.9 MEDIUM | N/A |
Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users to cause a denial of service (kernel panic) via a negative mixer index number being passed to (1) the azalia_query_devinfo function in the azalia audio driver (src/sys/dev/pci/azalia.c) or (2) the hdaudio_afg_query_devinfo function in the hdaudio audio driver (src/sys/dev/pci/hdaudio/hdaudio_afg.c). |