Pulseaudio 0.9.5 (rev 1437) termination

Luigi Auriemma Application: PulseAudio http://www.pulseaudio.org Versions: 0.9.5 svn 1437 Platforms: POSIX and Win32 Bugs: termination of the server through failed assert Exploitation: local and remote Date: 29 Mar 2007 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...

PulseAudio sound server DoS

Multiple invalid assertusage, e.g. on empty request...

Microsoft Visual Studio 64-bit time functions DoS

Invalid use of assert-style macro causes application termination for timet values behind MAXTIME64T January, 1 3000...

CVE-2006-3464

CVE-2006-3464 affects the TIFF library (libtiff) up to version 3.8.1; the issue arises from large offset values in a TIFF directory causing an integer overflow and triggering unchecked arithmetic operations. This can lead to context-dependent attackers potentially executing code or causing a cras...

CVE-2006-3492

CVE-2006-3492 concerns MICO (Mico Is CORBA) up to version 2.3.12. The vulnerability is in CORBA::ORBInvokeRec::set_answer_invoke (orb.cc), where processing a message with an incorrect object key can cause an assertion failure, leading to an application crash (remote denial of service). The availa...

Apple OpenDirectory DoS

slapd assert on malformed bind request...

Design/Logic Flaw

OpenLDAP in Apple Mac OS X 10.4 up to 10.4.6 allows remote attackers to cause a denial of service crash via an invalid LDAP request that triggers an assert error...

CVE-2006-1470

OpenLDAP in Apple Mac OS X 10.4.x up to 10.4.6 is affected by a DoS due to an assertion error triggered by a malformed LDAP request. The vulnerability enables a remote attacker to crash the Open Directory/OpenLDAP server. Affected products are Apple Mac OS X/macOS Open Directory deployments using...

CVE-2006-2789

Evolution 2.2.x/2.3.x on GNOME 2.7/2.8 is affected. When the option “load images if sender in addressbook” is enabled, a crafted From header can trigger an assert in camel-internet-address.c using a null pointer, causing a persistent crash (denial of service). This vulnerability is evidenced acro...

CVE-2006-2789

Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service persistent crash via a crafted "From" header that triggers an assert error in camel-internet-address.c when a null pointer is used...

CVE-2006-2575

The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service crash via a client flag frameNum that is greater than 41, which triggers an assert error...

CVE-2006-2575

The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service crash via a client flag frameNum that is greater than 41, which triggers an assert error...

Code injection

The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service crash via a client flag frameNum that is greater than 41, which triggers an assert error...

CVE-2006-2575

The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and earlier allows remote attackers to cause a denial of service crash via a client flag frameNum that is greater than 41, which triggers an assert error...

CVE-2006-2575

The CVE-2006-2575 entry affects NetPanzer 0.8 and earlier. The vulnerability lies in the setFrame function in Lib/2D/Surface.hpp, where a client flag (frameNum) greater than 41 can trigger an assert error, allowing remote attackers to cause a denial of service (crash). No exploitation details or ...

CVE-2006-0995

EMC Dantz Retrospect 7 backup client 7.0.107, and other versions before 7.0.109, and 6.5 before 6.5.138 allows remote attackers to cause a denial of service client termination and loss of backup service via a malformed packet to TCP port 497, which triggers an assert error...

security flaw

store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service crash via certain aborted requests that trigger an assert error related to STOREPENDING...

CVE-2005-2904

Zebedee 2.4.1, when "allowed redirection port" is not set, allows remote attackers to cause a denial of service application crash via a zero in the port number of the protocol option header, which triggers an assert error in the makeConnection function in zebedee.c...

CVE-2005-2794

store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service crash via certain aborted requests that trigger an assert error related to STOREPENDING...

CVE-2005-2794

store.c in Squid 2.5.STABLE10 and earlier allows remote attackers to cause a denial of service crash via certain aborted requests that trigger an assert error related to STOREPENDING...