1447 matches found
UBUNTU-CVE-2014-5162
The readnewline function in wiretap/catapultdct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' and '\r' characters, which allows remote attackers to cause a denial of service off-by-one buffer underflow and application crash via a crafted...
CVE-2014-5165
The dissectberconstrainedbitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.10.x before 1.10.9 does not properly validate padding values, which allows remote attackers to cause a denial of service buffer underflow and application crash via a crafted packe...
CVE-2014-5162
Wireshark 1.10.x before 1.10.9 is affected by CVE-2014-5162 in the Catapult DCT2000 dissector (wiretap/catapult_dct2000.c). The read_new_line function does not properly strip '\n' and '\r', enabling a remote attacker to cause a denial of service via a crafted packet (off-by-one buffer underflow l...
CVE-2014-5161
The dissectlog function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service buffer underflow and application crash via a crafted packet...
CVE-2014-5162
The readnewline function in wiretap/catapultdct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' and '\r' characters, which allows remote attackers to cause a denial of service off-by-one buffer underflow and application crash via a crafted...
CVE-2014-5161
Wireshark 1.10.x before 1.10.9 is affected by CVE-2014-5161 in the IrDA dissector (dissect_log). The issue arises because the dissector does not properly strip newline characters, enabling a remote attacker to trigger a denial-of-service via a crafted packet that can cause a buffer underflow and ...
CVE-2014-5161
The dissectlog function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service buffer underflow and application crash via a crafted packet...
QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART
Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...
LibTIFF 3.8.2 - 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/35451/info LibTIFF is prone to a remote buffer-underflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary malicious code in...
openSUSE Security Update : Mozilla Suite (openSUSE-SU-2013:1633-1)
MozillaFirefox was updated to Firefox 25.0. MozillaThunderbird was updated to Thunderbird 24.1.0. Mozilla XULRunner was updated to 17.0.10esr. Mozilla NSPR was updated to 4.10.1. Changes in MozillaFirefox : - requires NSS 3.15.2 or above - MFSA 2013-93/CVE-2013-5590/CVE-2013-5591/CVE-2013-5592...
openSUSE Security Update : xulrunner17 (openSUSE-SU-2013:1496-1)
This xulrunner17 version update to 17.0.9esr fixes the following security issues bnc840485 : - MFSA 2013-65/CVE-2013-1705 bmo882865 Buffer underflow when generating CRMF requests - MFSA 2013-76/CVE-2013-1718 Miscellaneous memory safety hazards - MFSA 2013-79/CVE-2013-1722 bmo893308 Use-after-free...
QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART
Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...
QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART
Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...
QEMU: out of bounds buffer accesses, guest triggerable via IDE SMART
Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...
Debian DSA-2932-1 : qemu - security update
Several vulnerabilities were discovered in qemu, a fast processor emulator. - CVE-2013-4344 Buffer overflow in the SCSI implementation in QEMU, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command. -...
Debian DSA-2933-1 : qemu-kvm - security update
Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. - CVE-2013-4344 Buffer overflow in the SCSI implementation in QEMU, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in ...
CVE-2014-2894
Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...
DEBIAN-CVE-2014-2894
Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...
CVE-2014-2894
Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...
Memory corruption
Off-by-one error in the cmdsmart function in the smart self test in hw/ide/core.c in QEMU before 2.0 allows local users to have unspecified impact via a SMART EXECUTE OFFLINE command that triggers a buffer underflow and memory corruption...