UBUNTU-CVE-2016-3754

mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not limit process-memory usage, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 28615448...

UBUNTU-CVE-2016-5688

The WPG parser in ImageMagick before 6.9.4-4 and 7.x before 7.0.1-5, when a memory limit is set, allows remote attackers to have unspecified impact via vectors related to the SetImageExtent return-value check, which trigger 1 a heap-based buffer overflow in the SetPixelIndex function or an invali...

PHP 7.0.0 - Format String

Overview -------------------------------------------- A fun little format string vulnerability exists in PHP 7.0.0 due to how non-existent class names are handled. From my limited research I believe this issue is likely exploitable for full code execution see test script below. This issue does no...

openssh security, bug fix, and enhancement update

6.6.1p1-22 - Use the correct constant for glob limits 1160377 6.6.1p1-21 - Extend memory limit for remote glob in sftp acc. to stat limit 1160377 6.6.1p1-20 - Fix vulnerabilities published with openssh-7.0 1265807 - Privilege separation weakness related to PAM support - Use-after-free bug related...

CVE-2007-1522

Double free vulnerability in the session extension in PHP 5.2.0 and 5.2.1 allows context-dependent attackers to execute arbitrary code via illegal characters in a session identifier, which is rejected by an internal session storage module, which calls the session identifier generator with an...

CVE-2007-1521

Double free vulnerability in PHP before 4.4.7, and 5.x before 5.2.2, allows context-dependent attackers to execute arbitrary code by interrupting the sessionregenerateid function, as demonstrated by calling a userspace error handler or triggering a memory limit violation...

F5 Networks BIG-IP : BIG-IP ASM Virtual Edition may run out of memory under certain DoS conditions (K15341)

The BIG-IP ASM system limits the maximum number of concurrent requests with large payloads 10,000 bytes or larger by default to 100, using the maxconcurrentlongrequest internal parameter. The BIG-IP ASM system drops new requests with large payloads once this limit is reached.The maximum individua...

PHP <= 5.1.6 Mb_Parse_Str Function Register_Globals Activation Weakness

No description provided by source. source: http://www.securityfocus.com/bid/23016/info PHP is prone to a weakness that allows attackers to enable the 'registerglobals' directive because the application fails to handle a memory-limit exception. Enabling the PHP 'registerglobals' directive may allo...

Updated libmicrohttpd package fixes security vulnerabilities

The MHDhttpunescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service crash via unspecified vectors that trigger an out-of-bounds read CVE-2013-7038. Stack-based buffer overflow in the MHDdigestauthcheck function in...

DEBIAN-CVE-2013-7039

Stack-based buffer overflow in the MHDdigestauthcheck function in libmicrohttpd before 0.9.32, when MHDOPTIONCONNECTIONMEMORYLIMIT is set to a large value, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long URI in an authentication header...

Fedora 18 : xen-4.2.0-3.fc18 (2012-17135)

update to xen 4.2.0, limit the size of guest kernels and ramdisks to avoid running out of memeory on dom0 during guest boot XSA-25, CVE-2012-4544 870414 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempt...

Fedora 16 : xen-4.1.3-3.fc16 (2012-17408)

limit the size of guest kernels and ramdisks to avoid running out of memory on dom0 during guest boot XSA-25,CVE-2012-4544 870414 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically cle...

Slackware: Security Advisory (SSA:2004-202-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Libc - regcomp() Stack Exhaustion Denial of Service

Libc - regcomp Stack Exhaustion Denial of Service ? / PHP 5.4 5.3 memorylimit bypass exploit poc by Maksymilian Arciemowicz http://cxsecurity.com/ cxib a.T cxsecurity d0t com To show memorylimit in PHP php /www/memlimpoc.php 1 35000000 PHP Fatal error: Allowed memory size of 33554432 bytes...

Potentially exploitable WebGL crashes — Mozilla

Michael Jordon of Context IS reported that in the ANGLE library used by WebGL the return value from GrowAtomTable was not checked for errors. If an attacker could cause requests that exceeded the available memory those would fail and potentially lead to a buffer overrun as subsequent code wrote...

PHP 5.3.6 Null Pointer Dereference

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PHP 5.3.6 multiple null pointer dereference Author: Maksymilian Arciemowicz http://securityreason.com/ http://securityreason.net/ http://cxib.net/ Date: - - Dis.: 20.07.2011 - - Pub.: 19.08.2011 Affected Software verified: PHP 5.3.6 and prior Fixed: P...

VirtualBox 4.1 Final for Linux Released

VirtualBox 4.1 Final for Linux Released VirtualBox is a general-purpose full virtualizer for x86 hardware, targeted at server, desktop and embedded use. This version is a major update. The following major new features were added: Support for cloning of VMs bug 5853, see the manual for more...

php: information leak vulnerability in var_export()

The varexport function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if displayerrors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution...

CVE-2010-2531

The varexport function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to the user when certain fatal errors occur, even if displayerrors is off, which allows remote attackers to obtain sensitive information by causing the application to exceed limits for memory, execution...

Novell Netware FTP Remote Stack Overflow

No description provided by source. Application: Novell Netware FTP Remote Stack Overflow Platforms: Novell Netware 6.5 SP8 Exploitation: Remote Code Execution CVE Number: CVE-2010-0625 Novell TID: 3238588 Discover Date: 2009-07-23 Author: Francis Provencher Protek Research Lab's Blog:...