216 matches found

Zero Day Initiative
added 2010/04/02 12:0 a.m. | 29 views

Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of...

CVSS: 10 | AI score: 3.1 | EPSS: 0.03478
Exploits: 0 | References: 1

Prion
added 2010/03/25 10:30 p.m. | 14 views

Memory corruption

Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly have unknown other impact via vectors that might involve compressed data, a different vulnerability than CVE-2010-1028...

CVSS: 10 | AI score: 7.1 | EPSS: 0.09896
Exploits: 2 | References: 3 | Affected Software: 1

Prion
added 2010/03/19 7:30 p.m. | 23 views

Code injection

content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified othe...

CVSS: 6.8 | AI score: 7.4 | EPSS: 0.0548
Exploits: 0 | References: 35 | Affected Software: 1

Cvelist
added 2010/03/19 7:0 p.m. | 23 views

CVE-2010-0734

content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified othe...

AI score: 7.5 | EPSS: 0.0548
Exploits: 0 | References: 35

UbuntuCve
added 2010/03/19 12:0 a.m. | 21 views

CVE-2010-0734

content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of service (application crash) or have unspecified othe...

CVSS: 6.8 | AI score: 7.1 | EPSS: 0.0548
Exploits: 0 | References: 3

Prion
added 2010/03/03 7:30 p.m. | 18 views

Design/Logic Flaw

The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, and 1.4.x before 1.4.1 does not properly handle compressed ancillary-chunk data that has a disproportionately large uncompressed representation, which allows remote attackers to cause a denial of...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.04579
Exploits: 0 | References: 35 | Affected Software: 7

Tenable Nessus
added 2009/03/12 12:0 a.m. | 24 views

Debian DSA-1737-1 : wesnoth - several vulnerabilities

Several security issues have been discovered in wesnoth, a fantasy turn-based strategy game. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0366 Daniel Franke discovered that the wesnoth server is prone to a denial of service attack when receiving...

CVSS: 9.3 | AI score: 5.7 | EPSS: 0.07798
Exploits: 1 | References: 5

Tenable Nessus
added 2008/09/26 12:0 a.m. | 27 views

GLSA-200809-17 : Wireshark: Multiple Denials of Service

The remote host is affected by the vulnerability described in GLSA-200809-17 (Wireshark: Multiple Denials of Service). The following vulnerabilities were reported: Multiple buffer overflows in the NCP dissector (CVE-2008-3146). Infinite loop in the NCP dissector (CVE-2008-3932). Invalid read in the...

CVSS: 10 | AI score: 5.8 | EPSS: 0.0178
Exploits: 0 | References: 5

NVD
added 2008/09/04 7:41 p.m. | 17 views

CVE-2008-3933

Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function...

CVSS: 3.3 | AI score: 6 | EPSS: 0.0017
Exploits: 0 | References: 21

OpenVAS
added 2008/09/04 12:0 a.m. | 27 views

FreeBSD Security Advisory (FreeBSD-SA-05:16.zlib.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:16.zlib.asc ADV FreeBSD-SA-05:16.zlib.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft In...

CVSS: 7.5 | AI score: 0.1 | EPSS: 0.43032
Exploits: 3

NVD
added 2008/02/21 12:44 a.m. | 10 views

CVE-2007-6426

Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data...

CVSS: 7.8 | AI score: 7.8 | EPSS: 0.03131
Exploits: 0 | References: 6

Prion
added 2008/02/21 12:44 a.m. | 17 views

Heap overflow

Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data...

CVSS: 7.8 | AI score: 8.1 | EPSS: 0.03131
Exploits: 0 | References: 6 | Affected Software: 1

Prion
added 2006/06/07 12:2 a.m. | 12 views

Stack overflow

Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion...

CVSS: 7.5 | AI score: 8.8 | EPSS: 0.06127
Exploits: 0 | References: 6 | Affected Software: 1

NVD
added 2006/06/07 12:2 a.m. | 9 views

CVE-2006-2875

Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion...

CVSS: 7.5 | AI score: 8.1 | EPSS: 0.06127
Exploits: 0 | References: 6

OSV
added 2006/06/07 12:2 a.m. | 2 views

DEBIAN-CVE-2006-2875

Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion...

CVSS: 7.5 | AI score: 8.4 | EPSS: 0.06127
Exploits: 0 | References: 1

Debian CVE
added 2006/06/07 12:0 a.m. | 15 views

CVE-2006-2875

Stack-based buffer overflow in the CL_ParseDownload function of Quake 3 Engine 1.32c and earlier, as used in multiple products, allows remote attackers to execute arbitrary code via a svc_download command with compressed data that triggers the overflow during expansion...

CVSS: 7.5 | AI score: 8 | EPSS: 0.06127
Exploits: 0