CVE-2014-7187

Off-by-one error in the readtokenword function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via deeply nested for loops, aka the "wordlineno" issue...

CVE-2014-7186

The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via crafted use of here documents, aka the "redirstack" issue...

CVE-2014-7187

Off-by-one error in the readtokenword function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via deeply nested for loops, aka the "wordlineno" issue...

Out-of-bounds

Off-by-one error in the readtokenword function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via deeply nested for loops, aka the "wordlineno" issue...

CVE-2014-7187

Off-by-one error in the readtokenword function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via deeply nested for loops, aka the "wordlineno" issue...

CVE-2014-7187

Off-by-one error in the readtokenword function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via deeply nested for loops, aka the "wordlineno" issue...

CVE-2014-7187

Technical details for CVE-2014-7187 are not publicly available in the provided documents; monitor for updates.

Out-of-bounds

The VIQR module in the iconv implementation in FreeBSD 10.0 before p6 and NetBSD allows context-dependent attackers to cause a denial of service out-of-bounds array access via a crafted argument to the iconvopen function. NOTE: this issue was SPLIT from CVE-2014-3951 per ADT2 due to different...

CVE-2014-5384

The CVE-2014-5384 entry concerns the VIQR module in the iconv implementation of FreeBSD 10.0 prior to p6 and NetBSD. The vulnerability is an out-of-bounds array access in the VIQR module of iconv_open, allowing context-dependent attackers to cause a denial of service. Affected environment is Free...

Updated ffmpeg packages fix security vulnerabilities

A use-after-free vulnerability in FFmpeg before 1.1.9 involving seek operations on video data could allow remote attackers to cause a denial of service CVE-2012-5150. The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 1.1.9 does not properly validate a certain bits-per-sample...

Updated ffmpeg packages fix security vulnerabilities

The takdecodeframe function in libavcodec/takdec.c in FFmpeg before 2.0.4 does not properly validate a certain bits-per-sample value, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted TAK aka Tom's lossless...

Opera <= 10.50 integer overflow

No description provided by source. ?php / @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ ------------------------------------------------------------------------------- Opera 10.10 - 10.50 Title: Integer overflow leading to out of bounds array access R/W 0day poc...

FreeBSD iconv security vulnerabilities

NULL pointer dereference, out-of-bound array access...

FreeBSD-SA-14:15.iconv

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-14:15.iconv Security Advisory The FreeBSD Project Topic: iconv3 NULL pointer dereference and out-of-bounds array access Category: core Module: libc/iconv...

CVE-2014-1717

Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JavaScript code...

Out-of-bounds

Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JavaScript code...

CVE-2014-1717

The CVE-2014-1717 entry concerns Google Chrome’s V8 JavaScript engine (pre-34.0.1847.116). A flaw in numeric casts during typed-array handling can cause out-of-bounds array access, enabling a remote attacker to trigger a denial of service or potentially other impact via crafted JavaScript. Public...

CVE-2014-1717

Google V8, as used in Google Chrome before 34.0.1847.116, does not properly use numeric casts during handling of typed arrays, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted JavaScript code...

CVE-2014-1717

Removed by vendor...

CVE-2014-2099

The msrledecodeframe function in libavcodec/msrle.c in FFmpeg before 2.1.4 does not properly calculate line sizes, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted Microsoft RLE video data...