654 matches found
Design/Logic Flaw
Array index error in gdgifin.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash and heap corruption via large color index values in crafted image data, which results in a segmentation fault...
CVE-2007-3476
Array index error in gdgifin.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash and heap corruption via large color index values in crafted image data, which results in a segmentation fault...
CVE-2007-3476
Array index error in gdgifin.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash and heap corruption via large color index values in crafted image data, which results in a segmentation fault...
CVE-2007-3476
Array index error in gdgifin.c in the GD Graphics Library libgd before 2.0.35 allows user-assisted remote attackers to cause a denial of service crash and heap corruption via large color index values in crafted image data, which results in a segmentation fault...
Mandrake Linux Security Advisory : madwifi-source (MDKSA-2007:132)
The 802.11 network stack in MadWifi prior to 0.9.3.1 would alloa remote attackers to cause a denial of service system hang via a crafted length field in nested 802.3 Ethernet frames in Fast Frame packets, which results in a NULL pointer dereference CVE-2007-2829. The athbeaconconfig function in...
CVE-2007-2831
Array index error in the 1 ieee80211ioctlgetwmmparams and 2 ieee80211ioctlsetwmmparams functions in net80211/ieee80211wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service system crash, possibly obtain kernel memory contents, and possibly execute arbitrary code via ...
Code injection
Array index error in the 1 ieee80211ioctlgetwmmparams and 2 ieee80211ioctlsetwmmparams functions in net80211/ieee80211wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service system crash, possibly obtain kernel memory contents, and possibly execute arbitrary code via ...
CVE-2007-2831
Array index error in the 1 ieee80211ioctlgetwmmparams and 2 ieee80211ioctlsetwmmparams functions in net80211/ieee80211wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service system crash, possibly obtain kernel memory contents, and possibly execute arbitrary code via ...
CVE-2007-2831
Array index error in the 1 ieee80211ioctlgetwmmparams and 2 ieee80211ioctlsetwmmparams functions in net80211/ieee80211wireless.c in MadWifi before 0.9.3.1 allows local users to cause a denial of service system crash, possibly obtain kernel memory contents, and possibly execute arbitrary code via ...
CVE-2007-2831
CVE-2007-2831 affects the MadWifi driver prior to 0.9.3.1. Affected code paths are the net80211/ieee80211_wireless.c functions ieee80211_ioctl_getwmmparams and ieee80211_ioctl_setwmmparams, where an oversized negative array index can cause a system crash, potentially expose kernel memory contents...
Debian DSA-1273-1 : nas - several vulnerabilities
Several vulnerabilities have been discovered in nas, the Network Audio System. - CVE-2007-1543 A stack-based buffer overflow in the acceptattlocal function in server/os/connection.c in nas allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection. -...
DSA-1273-1 nas - several vulnerabilities
Bulletin has no description...
Command injection
Array index error in Network Audio System NAS before 1.8a SVN 237 allows remote attackers to cause a denial of service crash via 1 large numaction values in the ProcAuSetElements function in server/dia/audispatch.c or 2 a large inputNum parameter to the compileInputs function in server/dia/auutil...
CVE-2007-1546
Array index error in Network Audio System NAS before 1.8a SVN 237 allows remote attackers to cause a denial of service crash via 1 large numaction values in the ProcAuSetElements function in server/dia/audispatch.c or 2 a large inputNum parameter to the compileInputs function in server/dia/auutil...
CVE-2007-1546
Array index error in Network Audio System NAS before 1.8a SVN 237 allows remote attackers to cause a denial of service crash via 1 large numaction values in the ProcAuSetElements function in server/dia/audispatch.c or 2 a large inputNum parameter to the compileInputs function in server/dia/auutil...
CVE-2007-1546
Array index error in Network Audio System NAS before 1.8a SVN 237 allows remote attackers to cause a denial of service crash via 1 large numaction values in the ProcAuSetElements function in server/dia/audispatch.c or 2 a large inputNum parameter to the compileInputs function in server/dia/auutil...
CVE-2007-1546
CVE-2007-1546 affects the Network Audio System (NAS) prior to 1.8a SVN 237. The vulnerability is an array index error in NAS code paths: ProcAuSetElements (server/dia/audispatch.c) and compileInputs (server/dia/auutil.c). A remote attacker can trigger a denial of service (crash) by sending large ...
Mandrake Linux Security Advisory : libneon0.26 (MDKSA-2007:013)
An array index error in the URI parser in neon 0.26.0 to 0.26.2 could possibly allow remote malicious servers to cause a crash via a URI with non-ASCII characters. This vulnerability may only exist on 64bit systems. Updated packages are patched to address this issue. %NASLMINLEVEL 70300 C Tenable...
Type confusion
Array index error in the urilookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service crash via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error tha...
CVE-2007-0157
Array index error in the urilookup function in the URI parser for neon 0.26.0 to 0.26.2, possibly only on 64-bit platforms, allows remote malicious servers to cause a denial of service crash via a URI with non-ASCII characters, which triggers a buffer under-read due to a type conversion error tha...