Lucene search
K

9059 matches found

NVD
NVD
added 2006/08/14 8:4 p.m.38 views

CVE-2006-1168

The decompress function in compress42.c in 1 ncompress 4.2.4 and 2 liblzw allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow...

7.5CVSS6.1AI score0.05422EPSS
Exploits0References25
OSV
OSV
added 2006/08/14 8:4 p.m.1 views

DEBIAN-CVE-2006-1168

The decompress function in compress42.c in 1 ncompress 4.2.4 and 2 liblzw allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow...

7.5CVSS9.3AI score0.05422EPSS
Exploits0References1
CVE
CVE
added 2006/08/14 8:0 p.m.109 views

CVE-2006-1168

CVE-2006-1168 is referenced in the MiracleLinux Nessus advisories for BusyBox packages (MiracleLinux 3/4). The initial CVE description states: the decompress function in compress42.c of ncompress 4.2.4 and liblzw can be exploited by crafted data to cause a denial of service (crash) and possibly e...

7.5CVSS6.7AI score0.05422EPSS
Exploits0References25Affected Software1
Debian CVE
Debian CVE
added 2006/08/14 8:0 p.m.27 views

CVE-2006-1168

The decompress function in compress42.c in 1 ncompress 4.2.4 and 2 liblzw allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow...

7.5CVSS7.4AI score0.05422EPSS
Exploits0
Debian
Debian
added 2006/08/10 5:33 a.m.28 views

[SECURITY] [DSA 1149-1] New ncompress packages fix potential code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1149-1 [email protected] http://www.debian.org/security/ Martin Schulze August 10th, 2006 http://www.debian.org/security/faq -...

7.5CVSS7.4AI score0.05422EPSS
Exploits0
securityvulns
securityvulns
added 2006/08/10 12:0 a.m.59 views

[ MDKSA-2006:140 ] - Updated ncompress packages fix vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:140 http://www.mandriva.com/security/ Package : ncompress Date : August 9, 2006 Affected: 2006.0, Corporate 3.0 Problem Description: Tavis Ormandy, of the Google Security Team, discovered that ncompress, whe...

7.5CVSS7.2AI score0.05422EPSS
Exploits0
OSV
OSV
added 2006/08/10 12:0 a.m.18 views

DSA-1149-1 ncompress - buffer underflow

Bulletin has no description...

7.5CVSS6.2AI score0.05422EPSS
Exploits0
NVD
NVD
added 2006/08/09 12:4 a.m.14 views

CVE-2006-4024

The FESTAHESLoad function in pce/hes.c in Festalon 0.5.0 through 0.5.5 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a negative LoadAddr value in a HES file, which is used as an offset in a memcpy operation and leads to a buffer underflo...

7.5CVSS7.8AI score0.05007EPSS
Exploits1References4
Cvelist
Cvelist
added 2006/08/09 12:0 a.m.20 views

CVE-2006-4024

The FESTAHESLoad function in pce/hes.c in Festalon 0.5.0 through 0.5.5 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via a negative LoadAddr value in a HES file, which is used as an offset in a memcpy operation and leads to a buffer underflo...

7.8AI score0.05007EPSS
Exploits1References4
CVE
CVE
added 2006/08/09 12:0 a.m.36 views

CVE-2006-4024

The CVE-2006-4024 vulnerability affects Festalon (versions 0.5.0–0.5.5), where FESTAHES_Load in pce/hes.c accepts a negative LoadAddr in a HES file. This value is used as an offset in a memcpy, enabling a buffer underflow that can crash the process and potentially allow arbitrary code execution b...

7.5CVSS8.2AI score0.05007EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2006/08/08 12:0 a.m.36 views

php local buffer underflow could lead to arbitary code execution

Affected versions: php 5.1.4 and older, 4.4.3 and possibly older Cause: when php-s sscanf functions format argument contains argument swap and extra arguments are given like. sscanf'foo ','$1s',$bar then it reads an pointer to pointer to zval structure past the end of argument array by one. Php...

0.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/07/29 12:16 a.m.4 views

security flaw

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service crash via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow...

5CVSS6.1AI score0.03245EPSS
Exploits0References4
CVE
CVE
added 2006/07/28 11:0 p.m.38 views

CVE-2006-3768

CVE-2006-3768 affects FileCOPA FTP Server (filecpnt.exe) prior to version 1.01; an integer underflow on long directory arguments to CWD, DELE, MDTM, or MKD triggers a stack-based buffer overflow, enabling arbitrary code execution. CERT reports remote exploitation possible with anonymous access; S...

6.4CVSS7.4AI score0.05251EPSS
Exploits0References10Affected Software1
RedHat Linux
RedHat Linux
added 2006/07/27 7:53 p.m.4 views

security flaw

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service crash via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow...

5CVSS6.1AI score0.03245EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2006/07/27 7:4 p.m.32 views

CVE-2006-3804

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service crash via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow...

5CVSS6.2AI score0.03245EPSS
Exploits0References3
NVD
NVD
added 2006/07/27 7:4 p.m.17 views

CVE-2006-3804

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service crash via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow...

5CVSS6.7AI score0.03245EPSS
Exploits0References43
Debian CVE
Debian CVE
added 2006/07/27 7:0 p.m.35 views

CVE-2006-3804

Heap-based buffer overflow in Mozilla Thunderbird before 1.5.0.5 and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service crash via a VCard attachment with a malformed base64 field, which copies more data than expected due to an integer underflow...

5CVSS6.1AI score0.03245EPSS
Exploits0
NVD
NVD
added 2006/07/25 1:22 p.m.39 views

CVE-2006-3824

systeminfo.c for Sun Solaris allows local users to read kernel memory via a 0 variable count argument to the sysinfo system call, which causes a -1 argument to be used by the copyout function. NOTE: this issue has been referred to as an integer overflow, but it is probably more like a signedness...

4.9CVSS6.1AI score0.00985EPSS
Exploits6References9
Mozilla
Mozilla
added 2006/07/25 12:0 a.m.32 views

Heap buffer overwrite on malformed VCard — Mozilla

A VCard attachment with a malformed base64 field such as a photo can trigger a heap buffer overwrite. These have proven exploitable in the past, though in this case the overwrite is accompanied by an integer underflow that would attempt to copy more data than the typical machine has, leading to a...

5CVSS6.1AI score0.03245EPSS
Exploits0References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2006/07/19 12:0 a.m.36 views

RHEL 2.1 / 3 / 4 : freetype (RHSA-2006:0500)

Updated freetype packages that fix several security flaws are now available for Red Hat Enterprise Linux. This update has been rated as having moderate security impact by the Red Hat Security Response Team. FreeType is a free, high-quality, and portable font engine. Chris Evans discovered several...

7.5CVSS5.9AI score0.16172EPSS
Exploits0References9
Rows per page
Query Builder