CVE-2009-0689

Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...

Microsoft PowerPoint Freelance布局解析堆溢出漏洞

BUGTRAQ ID: 35275 CVECAN ID: CVE-2009-0202 Microsoft PowerPoint是微软Office套件中的文档演示工具。 PowerPoint的Freelance Windows 2.1 Translator（FL21WIN.DLL）在解析布局信息时存在数组索引错误，如果用户受骗打开了恶意的PPT文件就可能触发堆溢出，导致执行任意指令。 安装了MS09-017更新的系统默认下会禁用对Freelance文件的支持，但可在注册表中手动重新启用。 Microsoft PowerPoint 2002 Microsoft PowerPoint 2000...

CVE-2009-0558

Array index error in Excel in Microsoft Office 2000 SP3 and Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac, allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Array Indexing Memory Corruption Vulnerability."...

CVE-2009-0558

CVE-2009-0558 is an Array Indexing Memory Corruption Vulnerability in Microsoft Office Excel parsing code that can be triggered by a specially crafted Excel file. It affects Microsoft Office/Excel on Mac (Office 2004 and 2008 for Mac) and the Open XML File Format Converter for Mac, as well as Exc...

Microsoft PowerPoint Sound Data (CVE-2009-0225)远程代码执行漏洞

Bugraq ID: 34880 CVE ID：CVE-2009-0225 CNCVE ID：CNCVE-20090225 Microsoft PowerPoint是一款微软Office套件中的文档演示工具。 Microsoft PowerPoint处理畸形PPT文件时存在数组索引错误，远程攻击者可以利用漏洞以应用程序权限执行任意代码。 构建恶意文件，诱使用户打开可触发此漏洞。目前没有详细漏洞细节提供。 Microsoft PowerPoint 2003 SP3 Microsoft PowerPoint 2003 SP2 Microsoft PowerPoint 2003 SP1...

Design/Logic Flaw

Array index error in the xnu Mach kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service system shutdown via unspecified vectors related to workqueues...

CVE-2008-1517

Array index error in the xnu Mach kernel in Apple Mac OS X 10.5 before 10.5.7 allows local users to gain privileges or cause a denial of service system shutdown via unspecified vectors related to workqueues...

Mandriva Linux Security Advisory : php (MDVSA-2009:022)

A vulnerability in PHP allowed context-dependent attackers to cause a denial of service crash via a certain long string in the glob or fnmatch functions CVE-2007-4782. A vulnerability in the cURL library in PHP allowed context-dependent attackers to bypass safemode and openbasedir restrictions an...

Mandriva Linux Security Advisory : php (MDVSA-2009:021)

A buffer overflow in the imageloadfont function in PHP allowed context-dependent attackers to cause a denial of service crash and potentially execute arbitrary code via a crafted font file CVE-2008-3658. A buffer overflow in the memnstr function allowed context-dependent attackers to cause a deni...

php: libgd imagerotate() array index error memory disclosure

Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument aka the bgdcolor or clrBack argument for an indexed image...

Mandriva Update for mplayer MDVSA-2008:045 (mplayer)

Check for the Version of mplayer OpenVAS Vulnerability Test Mandriva Update for mplayer MDVSA-2008:045 mplayer Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Mandriva Update for libneon0.26 MDKSA-2007:013 (libneon0.26)

Check for the Version of libneon0.26 OpenVAS Vulnerability Test Mandriva Update for libneon0.26 MDKSA-2007:013 libneon0.26 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

php: libgd imagerotate() array index error memory disclosure

Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument aka the bgdcolor or clrBack argument for an indexed image...

gstreamer-plugins: Array index error while parsing malformed QuickTime media files

Array index error in the gstqtptrakhandler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins aka gstreamer-plugins 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file...

Design/Logic Flaw

Array index error in the gstqtptrakhandler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins aka gstreamer-plugins 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file...

CVE-2009-0398

Array index error in the gstqtptrakhandler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins aka gstreamer-plugins 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file...

CVE-2009-0398

Array index error in the gstqtptrakhandler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins aka gstreamer-plugins 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file...

CVE-2009-0398

Array index error in the gstqtptrakhandler function in gst/qtdemux/qtdemux.c in GStreamer Plug-ins aka gstreamer-plugins 0.6.0 allows remote attackers to have an unknown impact via a crafted QuickTime media file...

CVE-2009-0398

CVE-2009-0398 affects GStreamer-plugins: an array indexing error in the QuickTime decoding plug-in (gst_qtp_trak_handler in qtdemux.c) on GStreamer 0.6.0. This security flaw could allow a remote attacker to cause a crash or potentially execute arbitrary code by supplying a crafted QuickTime media...

CVE-2009-0387

Array index error in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted Sync Sample aka stss atom da...