2589 matches found
CVE-2008-5396
Array index error in the 1 torisa.c and 2 dahdi/tor2.c drivers in Zaptel aka DAHDI 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to missing validation of the sync field associated with the ZTSPANCONFIG...
CVE-2008-5396
CVE-2008-5396 is an array index error in Zaptel (DAHDI) drivers, affecting Zaptel versions up to 1.4.11 and earlier. The flaw resides in the torisa.c and tor2.c code paths that handle the ZT_SPANCONFIG ioctl, allowing local users in the dialout group to overwrite kernel memory by writing to /dev/...
Graphviz array index overflow
Array index overflow on DOT file with large number of Agrapht elements...
CVE-2008-4812
Array index error in Adobe Reader and Acrobat, and the Explorer extension aka AcroRd32Info, 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts...
Out-of-bounds
Array index error in Adobe Reader and Acrobat, and the Explorer extension aka AcroRd32Info, 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts...
CVE-2008-4812
Array index error in Adobe Reader and Acrobat, and the Explorer extension aka AcroRd32Info, 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts...
CVE-2008-4812
Adobe Reader/Acrobat (AcroRd32Info)
Integer overflow
Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to...
Code injection
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...
CVE-2008-4558
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...
CVE-2008-3477
CVE-2008-3477 affects Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2/SP3, in which the VBA Performance Cache handling of embedded objects can be abused to execute arbitrary code. The root cause is from heap-based and other memory corruptions (overflow/invalid indexing) when processing an object...
CVE-2008-4558
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...
DEBIAN-CVE-2008-4558
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...
CVE-2008-4558
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...
Microsoft Excel FORMAT record array index memory corruption
Added: 09/24/2008 CVE: CVE-2008-3005 BID: 30639 OSVDB: 47408 Background Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms. Problem A memory corruption vulnerability allows command execution when a user opens a spreadsheet...
FreeBSD Ports: libxine
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: libxine
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: krb5, krb5-beta
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Excel FORMAT记录无效数组索引漏洞(MS08-043)
BUGTRAQ ID: 30639 CVECAN ID: CVE-2008-3005 Excel是Microsoft Office办公软件套件中的电子表格工具。 Excel没有正确地处理电子表格中的FORMAT记录,如果电子表格中包含有越界数组索引的话,则打开该文件就会导致Excel向栈内存的任意位置写入一个字节,成功利用这个漏洞允许以当前登录用户的权限执行任意指令。 Microsoft Excel 2002 SP3 Microsoft Excel 2000 SP3 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac...
Microsoft PowerPoint Viewer 2003越界数组索引漏洞(MS08-051)
BUGTRAQ ID: 30554 CVECAN ID: CVE-2008-0121 Microsoft PowerPoint是微软Office套件中的文档演示工具。 PowerPoint Viewer 2003在处理PPT演示文件中的某些记录时对数组索引缺少边界检查,在某些环境下攻击者可以直接控制演示文件中的数组索引,这样就可以控制函数指针,导致执行任意代码。 Microsoft PowerPoint Viewer 2003 临时解决方法: 不要打开或保存从不受信任来源或从受信任来源意外收到的Microsoft Office文件。 厂商补丁: Microsoft ---------...