2589 matches found
CVE-2007-5756
Multiple array index errors in the bpffilterinit function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode aka Table Management Extensions or TME, and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests...
Code injection
Multiple array index errors in the bpffilterinit function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode aka Table Management Extensions or TME, and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests...
CVE-2007-5756
CVE-2007-5756 : A local privilege-escalation flaw in WinPcap’s NPF.SYS driver (bpf_filter_init) arises from multiple array-indexing errors when handling IOCTLs, allowing crafted IOCTL requests to gain kernel-mode privileges. Affected: WinPcap up to version 4.0.1 (and variants used by Wireshark). ...
CVE-2007-5756
Multiple array index errors in the bpffilterinit function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode aka Table Management Extensions or TME, and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests...
WinPcap driver array overflow
Array index overflow in kernel mode on IOCTL handling...
KLA10395 LPE vulnerability in WinPcap
Array index errors were found in WinPcap. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a specially designed IOCTL request. Original advisories WinPcap changelog Related products WinPcap CVE list CVE-2007-5756 high Solution...
DCTStream:: readProgressiveDataUnit()
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file...
Memory corruption
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file...
CVE-2007-4352
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file...
CVE-2007-4352
The CVE-2007-4352 issue affects Xpdf (Xpdf 3.02pl1 and related components) where an array index error in DCTStream::readProgressiveDataUnit in xpdf/Stream.cc can lead to memory corruption and remote code execution via a crafted PDF. MiracleLinux AXSA:2007-64:02 lists this CVE alongside other Xpdf...
CVE-2007-4352
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file...
CVE-2007-4352
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code via a crafted PDF file...
openSUSE 10 Security Update : neon (neon-2476)
Fix for incorrect array index handling with non-ASCII characters in the URI parser. CVE-2007-0157 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update neon-2476. The text description of this plugin...
Xvid array index overflow
Array index overflow in multiple getintrablock variants for different Video formats parsing...
Debian DSA-1325-1 : evolution - several vulnerabilities
Several remote vulnerabilities have been discovered in Evolution, a groupware suite with mail client and organizer. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1002 Ulf Harnhammar discovered that a format string vulnerability in the handling of...
[SECURITY] [DSA 1325-1] New evolution packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1325-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 29th, 2007 http://www.debian.org/security/faq -...
Design/Logic Flaw
Array index error in gdgifin.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash and heap corruption via large color index values in crafted image data, which results in a segmentation fault...
CVE-2007-3476
Array index error in gdgifin.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash and heap corruption via large color index values in crafted image data, which results in a segmentation fault...
CVE-2007-3476
Array index error in gdgifin.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash and heap corruption via large color index values in crafted image data, which results in a segmentation fault...
CVE-2007-3476
Array index error in gdgifin.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash and heap corruption via large color index values in crafted image data, which results in a segmentation fault...