Lucene search
K

4208 matches found

UbuntuCve
UbuntuCve
added 2010/05/07 12:0 a.m.35 views

CVE-2010-1868

The 1 sqlitesinglequery and 2 sqlitearrayquery functions in ext/sqlite/sqlite.c in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allow context-dependent attackers to execute arbitrary code by calling these functions with an empty SQL query, which triggers access of uninitialized memory...

7.5CVSS6.2AI score0.0303EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2010/05/06 7:3 p.m.6 views

xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers a free of uninitialized memory...

4.3CVSS5.9AI score0.02318EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2010/05/06 6:53 p.m.7 views

xpdf: Freeing of potentially uninitialized memory in JBIG2 decoder

The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service crash via a crafted PDF file that triggers a free of uninitialized memory...

4.3CVSS5.9AI score0.02318EPSS
Exploits1References4
Prion
Prion
added 2010/05/06 2:53 p.m.19 views

Code injection

Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via JavaScript that writes sequences in an infinite loop, leadin...

9.3CVSS8.2AI score0.0698EPSS
Exploits2References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/05/03 12:0 a.m.10 views

Opera < 10.53 Asynchronous Content Modification Uninitialized Memory Access

Binary data 5527.prm...

9.3CVSS7.3AI score0.0698EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2010/05/03 12:0 a.m.11 views

Opera < 10.53 Asynchronous Content Modification Uninitialized Memory Access

Binary data 800846.prm...

9.3CVSS7.3AI score0.0698EPSS
Exploits1References4
VulnCheck KEV
VulnCheck KEV
added 2010/05/01 12:0 a.m.3 views

VulnCheck KEV: CVE-2009-2477

js/src/jstracer.cpp in the Just-in-time JIT JavaScript compiler aka TraceMonkey in Mozilla Firefox 3.5 before 3.5.1 allows remote attackers to execute arbitrary code via certain use of the escape function that triggers access to uninitialized memory locations, as originally demonstrated by...

9.3CVSS6.2AI score0.42689EPSS
Exploits9References1
Tenable Nessus
Tenable Nessus
added 2010/04/30 12:0 a.m.29 views

Opera < 10.53 Asynchronous Content Modification Uninitialized Memory Access

The version of Opera installed on the remote host is earlier than 10.53. Such versions are potentially affected by the following issue : - Multiple asynchronous calls to a script that modifies document contents can be abused to reference an uninitialized value, leading to an application crash or...

9.3CVSS6.1AI score0.0698EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2010/03/31 12:0 a.m.55 views

Apple iTunes < 9.1 Multiple Vulnerabilities (uncredentialed check)

The version of Apple iTunes on the remote host is prior to version 9.1. It is, therefore, affected by multiple vulnerabilities : - A buffer underflow in ImageIO's handling of TIFF images can lead to a denial of service or arbitrary code execution. CVE-2009-2285 - An integer overflow in the...

9.3CVSS6.8AI score0.0895EPSS
Exploits1References12
Tenable Nessus
Tenable Nessus
added 2010/03/11 12:0 a.m.19 views

Safari < 4.0.5 Multiple Vulnerabilities

Binary data 5361.prm...

9.3CVSS8AI score0.11637EPSS
Exploits6References18
NVD
NVD
added 2010/03/10 10:30 p.m.17 views

CVE-2010-0806

Use-after-free vulnerability in the Peer Objects component aka iepeers.dll in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, a...

9.3CVSS7.3AI score0.82172EPSS
Exploits15References15
Prion
Prion
added 2010/03/10 10:30 p.m.22 views

Memory corruption

Use-after-free vulnerability in the Peer Objects component aka iepeers.dll in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, a...

9.3CVSS7.9AI score0.82172EPSS
Exploits15References13Affected Software3
CVE
CVE
added 2010/03/10 10:0 p.m.183 views

CVE-2010-0806

CVE-2010-0806 is a use-after-free in Internet Explorer’s iepeers.dll (affecting IE 6/6 SP1/7). The vulnerability arises from access to an invalid pointer after object deletion, enabling remote code execution. It was exploited in the wild around March 2010. Public fixes include Microsoft Security ...

9.3CVSS7.3AI score0.82172EPSS
In wildExploits15References15Affected Software1
Cvelist
Cvelist
added 2010/03/10 10:0 p.m.48 views

CVE-2010-0806

Use-after-free vulnerability in the Peer Objects component aka iepeers.dll in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, a...

7.2AI score0.82172EPSS
Exploits15References13
Cvelist
Cvelist
added 2010/03/10 10:0 p.m.28 views

CVE-2010-0262

Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers access of an uninitialized stack variable, aka "Microsoft Office Excel FNGROUPNAME Record...

7.8AI score0.21256EPSS
Exploits1References5
seebug.org
seebug.org
added 2010/03/10 12:0 a.m.29 views

Microsoft Excel FNGROUPNAME记录未初始化内存漏洞(MS10-017)

BUGTRAQ ID: 38553 CVE ID: CVE-2010-0262 Excel是微软Office套件中的电子表格工具。 Excel在解析XSL文件中畸形FnGroupName、BuiltInFnGroupCount和FnGrp12记录时存在未初始化内存漏洞,成功利用此漏洞的攻击者可以完全控制受影响的系统。 Microsoft Excel 2007 SP2 Microsoft Excel 2007 SP1 Microsoft Office 2004 for Mac 临时解决方法: 使用Microsoft Office文件阻断策略以防止打开未知或不可信任来源的Office...

9.3CVSS6.8AI score0.21256EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2010/03/09 12:0 a.m.46 views

Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the decompression of XLSX files. The XL...

10CVSS4.4AI score0.25692EPSS
Exploits1References1
Prion
Prion
added 2010/01/22 10:0 p.m.33 views

Memory corruption

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a...

9.3CVSS7.7AI score0.26261EPSS
Exploits4References3Affected Software1
CVE
CVE
added 2010/01/22 9:20 p.m.157 views

CVE-2010-0244

CVE-2010-0244 : IE6/6 SP1/7/8 memory corruption via uninitialized/deleted objects leading to remote code execution. According to MS MS09-054, the fix is a cumulative IE security update; install the most current IE update(s) to mitigate. The connected KB entry describes the update path and mention...

9.3CVSS8.7AI score0.20759EPSS
Exploits2References3Affected Software1
RedHat Linux
RedHat Linux
added 2009/12/15 5:5 p.m.4 views

kernel: tcf_fill_node() infoleak due to typo in 9ef1d4c7

The tcffillnode function in net/sched/clsapi.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcmpad2 structure member, which might allow local users to obtain sensitive information from kernel memory via unspecified...

2.1CVSS7.1AI score0.00399EPSS
Exploits1References4
Rows per page
Query Builder