2589 matches found
Heap overflow
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
CVE-2009-0689
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
CVE-2009-0689
CVE-2009-0689 is an array-index error in libc’s dtoa/gdtoa floating-point conversion code (dtoa.c/pdtoa.c and gdtoa/misc.c) that can be triggered by a large precision value passed to printf, causing a denial of service (crash) and potentially arbitrary code execution. Affected platforms include F...
CVE-2009-0689
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
CVE-2009-0689
Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...
Microsoft PowerPoint Freelance布局解析堆溢出漏洞
BUGTRAQ ID: 35275 CVECAN ID: CVE-2009-0202 Microsoft PowerPoint是微软Office套件中的文档演示工具。 PowerPoint的Freelance Windows 2.1 Translator(FL21WIN.DLL)在解析布局信息时存在数组索引错误,如果用户受骗打开了恶意的PPT文件就可能触发堆溢出,导致执行任意指令。 安装了MS09-017更新的系统默认下会禁用对Freelance文件的支持,但可在注册表中手动重新启用。 Microsoft PowerPoint 2002 Microsoft PowerPoint 2000...
CVE-2009-0558
Array index error in Excel in Microsoft Office 2000 SP3 and Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac, allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Array Indexing Memory Corruption Vulnerability."...
CVE-2009-0558
CVE-2009-0558 is an Array Indexing Memory Corruption Vulnerability in Microsoft Office Excel parsing code that can be triggered by a specially crafted Excel file. It affects Microsoft Office/Excel on Mac (Office 2004 and 2008 for Mac) and the Open XML File Format Converter for Mac, as well as Exc...
Microsoft Excel ExternSheet Record Indexing Memory Corruption (MS09-021; CVE-2009-0558)
Microsoft Excel is a popular spreadsheet application. A remote code execution vulnerability has been identified in the Microsoft Excel. The vulnerability is due to a memory corruption error when Microsoft Excel reads a value from a specially crafted Excel file and then uses it as an index into an...
BSD (Multiple Distributions) - 'gdtoa/misc.c' Memory Corruption
source: https://www.securityfocus.com/bid/35510/info Multiple BSD distributions are prone to a memory-corruption vulnerability because the software fails to properly bounds-check data used as an array index. Attackers may exploit this issue to execute arbitrary code within the context of affected...
Microsoft PowerPoint Sound Data (CVE-2009-0225)远程代码执行漏洞
Bugraq ID: 34880 CVE ID:CVE-2009-0225 CNCVE ID:CNCVE-20090225 Microsoft PowerPoint是一款微软Office套件中的文档演示工具。 Microsoft PowerPoint处理畸形PPT文件时存在数组索引错误,远程攻击者可以利用漏洞以应用程序权限执行任意代码。 构建恶意文件,诱使用户打开可触发此漏洞。目前没有详细漏洞细节提供。 Microsoft PowerPoint 2003 SP3 Microsoft PowerPoint 2003 SP2 Microsoft PowerPoint 2003 SP1...
Design/Logic Flaw
Array index error in the xnu Mach kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service system shutdown via unspecified vectors related to workqueues...
CVE-2008-1517
Array index error in the xnu Mach kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service system shutdown via unspecified vectors related to workqueues...
Mandriva Linux Security Advisory : php (MDVSA-2009:022)
A vulnerability in PHP allowed context-dependent attackers to cause a denial of service crash via a certain long string in the glob or fnmatch functions CVE-2007-4782. A vulnerability in the cURL library in PHP allowed context-dependent attackers to bypass safemode and openbasedir restrictions an...
Mandriva Linux Security Advisory : mplayer (MDVSA-2008:045)
Heap-based buffer overflow in the rmffdumpcont function in input/libreal/rmff.c in xine-lib 1.1.9 and earlier allows remote attackers to execute arbitrary code via the SDP Abstract attribute, related to the rmffdumpheader function and related to disregarding the max field. Although originally a...
Mandriva Linux Security Advisory : php (MDVSA-2009:021)
A buffer overflow in the imageloadfont function in PHP allowed context-dependent attackers to cause a denial of service crash and potentially execute arbitrary code via a crafted font file CVE-2008-3658. A buffer overflow in the memnstr function allowed context-dependent attackers to cause a deni...
php: libgd imagerotate() array index error memory disclosure
Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument aka the bgdcolor or clrBack argument for an indexed image...
Mandriva Update for mplayer MDVSA-2008:196 (mplayer)
Check for the Version of mplayer OpenVAS Vulnerability Test Mandriva Update for mplayer MDVSA-2008:196 mplayer Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Mandriva Update for xine-lib MDVSA-2008:178 (xine-lib)
Check for the Version of xine-lib OpenVAS Vulnerability Test Mandriva Update for xine-lib MDVSA-2008:178 xine-lib Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Mandriva Update for libneon0.26 MDKSA-2007:013 (libneon0.26)
Check for the Version of libneon0.26 OpenVAS Vulnerability Test Mandriva Update for libneon0.26 MDKSA-2007:013 libneon0.26 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...