9302 matches found
Microsoft GDI+ WMF Image File Buffer Overflow Vulnerability
Description Microsoft GDI+ is prone to a buffer-overflow vulnerability because the vector graphics linked library improperly allocates memory when parsing WMF image files. Successfully exploiting this issue would allow an attacker to corrupt memory and execute arbitrary code in the context of the...
Microsoft GDI+ VML Heap-Based Buffer Overflow Vulnerability
Description Microsoft GDI+ is prone to a heap-based buffer-overflow vulnerability because the vector graphics link library improperly processes gradient sizes. Successfully exploiting this issue would allow an attacker to corrupt heap memory and execute arbitrary code in the context of the...
Server: temporary DoS via crafted pattern searches
Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service CPU consumption and search outage via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem...
CVE-2008-3656
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.splitheadervalue function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of...
CVE-2008-3656
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.splitheadervalue function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of...
CVE-2008-3656
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.splitheadervalue function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of...
ruby -- DoS vulnerability in WEBrick
The official ruby site reports: WEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking requests due to a backtracking regular expression in WEBrick::HTTPUtils.splitheadervalue...
Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim
SUMMARY Product : Vim -- Vi IMproved Version : Tested with Vim 7.2b.10, filetype.vim 2008-07-17 Impact : Arbitrary code execution Wherefrom: Local and remote CVE : CVE-2008-2712 Original : http://www.rdancer.org/vulnerablevim-filetype.vim.updated.html...
PCRE buffer overflow
Buffer overflow on regular expression compilation...
GLSA-200807-03 : PCRE: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200807-03 PCRE: Buffer overflow Tavis Ormandy of the Google Security team reported a heap-based buffer overflow when compiling regular expression patterns containing 'Internal Option Settings' such as '?i'. Impact : A remote...
Buffer overflow
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine MSDE 2000 SP4, and 2000 Desktop Engine WMSDE allows remote authenticated users to execute arbitrary code via a crafted SQL expression...
CVE-2008-0086
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine MSDE 2000 SP4, and 2000 Desktop Engine WMSDE allows remote authenticated users to execute arbitrary code via a crafted SQL expression...
CVE-2008-0086
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine MSDE 2000 SP4, and 2000 Desktop Engine WMSDE allows remote authenticated users to execute arbitrary code via a crafted SQL expression...
Heap overflow
Heap-based buffer overflow in pcrecompile.c in the Perl-Compatible Regular Expression PCRE library 7.7 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...
CVE-2008-2371
Heap-based buffer overflow in pcrecompile.c in the Perl-Compatible Regular Expression PCRE library 7.7 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...
CVE-2008-2371
Heap-based buffer overflow in pcrecompile.c in the Perl-Compatible Regular Expression PCRE library 7.7 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...
CVE-2008-2371
CVE-2008-2371 describes a heap-based buffer overflow in the PCRE library (version 7.7) specifically in pcre_compile.c. This vulnerability can be triggered by a context-dependent attacker via a regular expression that begins with an option and contains multiple branches, potentially causing a deni...
CVE-2008-2371
Heap-based buffer overflow in pcrecompile.c in the Perl-Compatible Regular Expression PCRE library 7.7 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...
PCRE library buffer overflow
Buffer overflow on regular expression compiling...
CVE-2008-2371
Heap-based buffer overflow in pcrecompile.c in the Perl-Compatible Regular Expression PCRE library 7.7 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...