CVE-2008-1456

Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription request that is used to access an array of functio...

CVE-2008-1456

Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription request that is used to access an array of functio...

CVE-2008-1456

CVE-2008-1456 describes a remote code execution vulnerability in the Windows Event System caused by improper validation when indexing an array of function pointers. Affected products include Windows 2000 SP4, XP (SP2/SP3), Server 2003 (SP1/SP2), Vista (initial and SP1), and Server 2008. The issue...

iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability

iDefense Security Advisory 08.12.08 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 12, 2008 I. BACKGROUND Microsoft Excel is the spreadsheet application that is included with Microsoft Corp.'s Office productivity software suite. More information is available at the following website...

iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability

iDefense Security Advisory 08.12.08 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 12, 2008 I. BACKGROUND Microsoft Corp.'s PowerPoint Viewer is a viewer for full-featured presentations created in PowerPoint 97 and later versions. PowerPoint Viewer 2003 is freely downloadable from...

Format string

Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array Vulnerability."...

CVE-2008-3005

Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array Vulnerability."...

CVE-2008-3005

Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array Vulnerability."...

FreeBSD : libxine -- array index vulnerability (7a7c5853-10a3-11dd-8eb8-00163e000016)

xine Team reports : A new xine-lib version is now available. This release contains a security fix an unchecked array index that could allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer. %NASLMINLEV...

OpenOffice array index overflow

Array index overflow on large number of document styles...

Design/Logic Flaw

Uncontrolled array index in IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service daemon crash via a large value in a certain 32-bit field...

CVE-2008-1706

Uncontrolled array index in IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service daemon crash via a large value in a certain 32-bit field...

CVE-2008-1706

CVE-2008-1706 affects IBM solidDB (versions 06.00.1018 and earlier). The issue is an uncontrolled array index in a 32-bit field that can be triggered by a large value, allowing remote attackers to cause a daemon crash (DoS). The connected documents provide the vulnerability description and affect...

Null pointer dereference

Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure...

CVE-2008-1686

Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to execute arbitrary code via a header structure...

XFree86 / X.Org / NX multiple security vulnerabilities

XInput and TOG-CUP extensions memory corruption, EVI and MIT-SHM extensions integer overflows, multiple extensions array index overflows. libxfont PCF fonts parsing buffer overflow...

libxine -- array index vulnerability

xine Team reports: A new xine-lib version is now available. This release contains a security fix an unchecked array index that could allows remote attackers to execute arbitrary code via a header structure containing a negative offset, which is used to dereference a function pointer...

CVE-2008-1558

Uncontrolled array index in the sdpplinparse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow...

Integer overflow

Uncontrolled array index in the sdpplinparse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow...

DEBIAN-CVE-2008-1558

Uncontrolled array index in the sdpplinparse function in stream/realrtsp/sdpplin.c in MPlayer 1.0 rc2 allows remote attackers to overwrite memory and execute arbitrary code via a large streamid SDP parameter. NOTE: this issue has been referred to as an integer overflow...