256 matches found

Prion
added 2012/04/25 10:10 a.m., 15 views

Memory corruption

FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted header in a BDF font...

9.3 CVSS | 8.3 AI score | 0.03813 EPSS
Exploits: 0 | References: 21 | Affected Software: 2
CVE
added 2012/02/08 2:00 a.m., 38 views

CVE-2012-1008

CVE-2012-1008 affects OfficeSIP Server 3.1. A remote attacker can trigger a denial-of-service (daemon crash) by sending a SIP INVITE with a crafted To header. The available documents confirm the affected product and the impact but do not provide additional details on root cause, exact vulnerable ...

5 CVSS | 6.7 AI score | 0.10314 EPSS
Exploits: 1 | References: 4 | Affected Software: 1
NVD
added 2011/12/31 1:55 a.m., 9 views

CVE-2011-1710

Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via crafted header length variables...

7.5 CVSS | 8 AI score | 0.03589 EPSS
Exploits: 0 | References: 4
OSV
added 2011/11/08 11:55 a.m., 8 views

DEBIAN-CVE-2011-4415

The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the mod_setenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service (memory consumption or NULL...

1.2 CVSS | 8.2 AI score | 0.031 EPSS
Exploits: 4 | References: 1
UbuntuCve
added 2011/09/28 12:00 a.m., 49 views

CVE-2011-3000

Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 do not properly handle HTTP responses that contain multiple Location, Content-Length, or Content-Disposition headers, which makes it easier for remote attackers to conduct HTTP response splitting...

4.3 CVSS | 7.2 AI score | 0.02018 EPSS
Exploits: 0 | References: 4
Prion
added 2011/05/31 8:55 p.m., 18 views

Integer overflow

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W...

9.3 CVSS | 7.9 AI score | 0.32961 EPSS
Exploits: 10 | References: 7 | Affected Software: 1
Metasploit
added 2011/01/25 12:11 a.m., 47 views

Apache Tomcat Transfer-Encoding Information Disclosure and DoS

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

6.4 CVSS | 0.5 AI score | 0.54779 EPSS
Exploits: 2
Prion
added 2011/01/13 7:00 p.m., 21 views

Buffer overflow

Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message...

6.8 CVSS | 8.4 AI score | 0.03012 EPSS
Exploits: 0 | References: 7 | Affected Software: 1
Cvelist
added 2011/01/13 6:35 p.m., 20 views

CVE-2011-0310

Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message...

7.9 AI score | 0.03012 EPSS
Exploits: 0 | References: 7
Prion
added 2010/12/14 4:00 p.m., 17 views

Heap overflow

Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allow remote attackers to have an unspecified impact via a crafted header in an IVR file...

9.3 CVSS | 7.2 AI score | 0.03091 EPSS
Exploits: 0 | References: 3 | Affected Software: 2
Cvelist
added 2010/12/14 3:00 p.m., 20 views

CVE-2010-4390

Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and Linux RealPlayer 11.0.2.1744 allow remote attackers to have an unspecified impact via a crafted header in an IVR file...

6.7 AI score | 0.03091 EPSS
Exploits: 0 | References: 3
RedHat Linux
added 2010/08/02 8:39 p.m., 3 views

tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

6.4 CVSS | 6.2 AI score | 0.54779 EPSS
Exploits: 2 | References: 4
RedHat Linux
added 2010/08/02 8:17 p.m., 4 views

tomcat: information leak vulnerability in the handling of 'Transfer-Encoding' header

Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (application outage) or obtain sensitive information via a crafted header that interferes with "recycling...

6.4 CVSS | 6.2 AI score | 0.54779 EPSS
Exploits: 2 | References: 4
Prion
added 2010/07/06 5:17 p.m., 21 views

Authentication flaw

The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a...

7.5 CVSS | 7.4 AI score | 0.01686 EPSS
Exploits: 2 | References: 5 | Affected Software: 1
Prion
added 2010/06/25 6:30 p.m., 13 views

Buffer overflow

Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software Explzh 5.62 and earlier allows remote attackers to execute arbitrary code via an LZH LHA file with a crafted header that is not properly handled during expansion...

9.3 CVSS | 8.5 AI score | 0.05359 EPSS
Exploits: 0 | References: 7 | Affected Software: 1
Cvelist
added 2010/06/25 6:00 p.m., 15 views

CVE-2010-2434

Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software Explzh 5.62 and earlier allows remote attackers to execute arbitrary code via an LZH LHA file with a crafted header that is not properly handled during expansion...

7.9 AI score | 0.05359 EPSS
Exploits: 0 | References: 7
OSV
added 2010/05/07 6:24 p.m., 1 views

DEBIAN-CVE-2010-1167

fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted (1) message header or (2) POP3 UIDL list...

4.3 CVSS | 8.3 AI score | 0.02199 EPSS
Exploits: 0 | References: 1
Prion
added 2010/03/16 7:30 p.m., 8 views

Buffer overflow

Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header...

7.5 CVSS | 8.4 AI score | 0.03809 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
UbuntuCve
added 2010/03/16 7:30 p.m., 15 views

CVE-2010-0793

Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header...

7.5 CVSS | 6.2 AI score | 0.03809 EPSS
Exploits: 0 | References: 1
Debian CVE
added 2010/03/16 7:00 p.m., 21 views

CVE-2010-0793

Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted CC: header...

7.5 CVSS | 7.7 AI score | 0.03809 EPSS
Exploits: 0