7038 matches found
CVE-2010-2596
The OJPEGPostDecode function in tifojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF image, related to "downsampled OJPEG input."...
Input validation
The OJPEGPostDecode function in tifojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF image, related to "downsampled OJPEG input."...
CVE-2010-2596
The OJPEGPostDecode function in tifojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF image, related to "downsampled OJPEG input."...
CVE-2010-2596
CVE-2010-2596 affects LibTIFF: the OJPEGPostDecode function (tif_ojpeg.c) in LibTIFF 3.9.0 and 3.9.2, as used by tiff2ps, allows remote attackers to cause a denial of service via a crafted TIFF image (downsampled OJPEG input). Connected advisories confirm impact and fixes; upstream patches exist ...
Fedora 13 : krb5-1.7.1-7.fc13 (2010-4608)
A GSSAPI-authenticated service could be remotely forced to trigger an assertion failure by sending it certain invalid messages MITKRB5-SA-2010-002, CVE-2010-0628. The included patch for adding PAM support to the bundled FTP server contained a bug which would cause the service to crash if a client...
CVE-2010-1203
The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp...
Memory corruption
The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp...
CVE-2010-1203
The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp...
TeamSpeak Server多个拒绝服务和绕过安全限制漏洞
BUGTRAQ ID: 40918 TeamSpeak是一种专门为网络游戏玩家设计的IP语音通信系统。 TeamSpeak服务器在执行通过UDP 9987端口所接收到的受限制命令时没有要求认证,用户可以非授权执行各种管理命令。以下是部分有漏洞命令的列表: banclient bandel channeladdperm/channeldelperm channelclientaddperm/channelclientdelperm channeldelete channeledit channelmove clientaddperm/clientdelperm clientdbdelete...
FreeBSD Ports: krb5
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
RedHat Update for squid RHSA-2010:0221-04
Check for the Version of squid OpenVAS Vulnerability Test RedHat Update for squid RHSA-2010:0221-04 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)
lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service assertion failure via a crafted DNS packet that only contains a header...
CVE-2010-0628
The spnegogssacceptseccontext function in lib/gssapi/spnego/spnegomech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 aka krb5 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid packet that triggers...
DEBIAN-CVE-2010-0628
The spnegogssacceptseccontext function in lib/gssapi/spnego/spnegomech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 aka krb5 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid packet that triggers...
CVE-2010-0628
The spnegogssacceptseccontext function in lib/gssapi/spnego/spnegomech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 aka krb5 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid packet that triggers...
Debian DSA-1830-1 : icedove - several vulnerabilities
Several remote vulnerabilities have been discovered in the Icedove mail client, an unbranded version of the Thunderbird mail client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-0040 The execution of arbitrary code might be possible via a crafted...
CVE-2010-0283
The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid 1 AS-REQ or 2 TGS-REQ request...
Cross site request forgery (csrf)
The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid 1 AS-REQ or 2 TGS-REQ request...
ISC BIND DNSSEC Validation Multiple RRsets Denial of Service (CVE-2007-0494)
The Domain Name System DNS is a system of mapping host names to IP addresses. Domain names consist of alphabetic characters such that they areeasier for human to remember. BIND Berkeley Internet Name Domain is an implementation of the DNS protocol and provides an openly redistributable reference...
CVE-2010-0283
The Key Distribution Center KDC in MIT Kerberos 5 aka krb5 1.7 before 1.7.2, and 1.8 alpha, allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid 1 AS-REQ or 2 TGS-REQ request...