236 matches found
UBUNTU-CVE-2018-11790
When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation...
ALPINE-CVE-2017-15191
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length...
UBUNTU-CVE-2017-15191
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length...
DEBIAN-CVE-2017-15191
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length...
CVE-2017-15191
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length...
CVE-2017-15191
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length...
CVE-2017-6260
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer helper function where an incorrect calculation of string length may lead to denial of service...
Memory out-of-bounds access vulnerability in WPS text kso module
WPS is an office software developed by Kingsoft Office Software. A memory out-of-bounds access vulnerability exists in the WPS text kso module. The vulnerability is caused by the program failing to validate the buffer length and calling wcslen directly, which could be exploited by an attacker to...
VideoLAN VLC Information Disclosure Vulnerability
VideoLAN VLC is a free and open source cross-platform multimedia player also a multimedia framework developed by the French organization VideoLAN. It supports playback of multiple media files, CD-ROMs, etc., multiple audio and video formats WMV, MP3, etc., etc. ParseJSS is one of the subtitle fil...
Heap overflow
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file...
CVE-2017-8312
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file...
CVE-2017-8312
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file...
ocaml: sizes arguments are sign-extended from 32 to 64 bits
An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak...
ocaml: sizes arguments are sign-extended from 32 to 64 bits
An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak...
Internet Bug Bounty: 3 heap corruptions in PHP
73208 integer overflow in imap8bit caused heap corruption https://bugs.php.net/bug.php?id=73208 73082 string length overflow in mbencode function https://bugs.php.net/bug.php?id=73082 73174 heap overflow in phppcrereplaceimpl https://bugs.php.net/bug.php?id=73174 If you want to verify email...
Internet Bug Bounty: iconv() function missing string length check
https://bugs.php.net/bug.php?id=73368...
CVE-2016-7045
The formatsendtogui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service heap corruption and crash via vectors involving the length of a string...
CVE-2016-7045
The formatsendtogui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service heap corruption and crash via vectors involving the length of a string...
CVE-2016-7045
The formatsendtogui function in the format parsing code in Irssi before 0.8.20 allows remote attackers to cause a denial of service heap corruption and crash via vectors involving the length of a string...
MGASA-2016-0316 Updated curl packages fix security vulnerability
The four libcurl functions curlescape, curleasyescape, curlunescape and curleasyunescape perform string URL percent escaping and unescaping. They accept custom string length inputs in signed integer arguments. The provided string length arguments were not properly checked and due to arithmetic in...