30 matches found
CVE-2020-11904
The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write...
DEBIAN-CVE-2019-7704
wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 triggers an attempt at excessive memory allocation, as demonstrated by wasm-merge and wasm-opt...
DEBIAN-CVE-2018-10538
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytestocopy...
UBUNTU-CVE-2017-16868
In SWFTools 0.9.2, the wavconvert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote attackers to cause a denial of service integer overflow and NULL pointer dereference via a crafted WAV file...
V8: integer overflow leading to buffer overflow in Zone::New
An integer-overflow flaw was found in V8's Zone class when allocating new memory Zone::New and Zone::NewExpand. An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges...
UBUNTU-CVE-2017-5953
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow...
CVE-2016-4291
When opening a Hangul HShow Document .hpt and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overflow. This result is then used to allocate memory to copy file data in. Due to the lack of bounds...
OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)
Multiple buffer overflows in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via 1 a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen,...
OpenOffice.org overflow possible on allocation
Integer overflow in the rtlallocateMemory function in sal/rtl/source/allocglobal.c in OpenOffice.org OOo 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow...
security flaw
Integer overflow in memory allocation routines in PHP before 5.1.6, when running on a 64-bit system, allows context-dependent attackers to bypass the memorylimit restriction...