CVE-2007-1453

Buffer underflow in the PHPFILTERTRIMDEFAULT macro in the filtering extension ext/filter in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by calling filtervar with certain modes such as FILTERVALIDATEINT, which causes filter to write a null byte in whitespace that precede...

CVE-2007-1584

Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\0' characters in whitespace that precedes the string...

MaraDNS < 2.0.13 Multiple Vulnerabilities

According to its self-reported version number, the MaraDNS server running on the remote host is prior to 2.0.13. It is, therefore, potentially affected by multiple vulnerabilities : - A flaw exists in mararc parser due to a buffer underflow condition in the file ParseMaraRc.c. An unauthenticated,...

Oracle: Security Advisory (ELSA-2012-0308)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2012-103)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2012-143)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

cURL and libcurl Cookie Path Parsing Remote Code Execution (CVE-2015-3145)

A heap buffer underflow vulnerability exists in cURL and libcurl. The vulnerability is due error when parsing a cookie path in an HTTP response. A remote, unauthenticated attackers can exploit this vulnerability by enticing user to perform a cURL on a crafted URL or provide malicious HTTP respons...

wireshark: TLS/SSL decryption crash (wnpa-sec-2015-05)

Buffer underflow in the ssldecryptrecord function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service application crash via a crafted packet that is improperly handled during decryption of an SSL...

CVE-2015-2426

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a...

Buffer overflow

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a...

CVE-2015-2426

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a...

CVE-2015-2426

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a...

CVE-2015-2426

CVE-2015-2426 is a Windows OpenType Font Driver vulnerability (ATMFD.DLL) that causes a pool/heap overflow when processing OpenType fonts, allowing remote code execution. The issue arises from a flawed handling of font data (notably the Class1Count field in the GPOS/CFF paths) where an invalid ze...

CVE-2015-2426

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a...

PT-2015-1569 · Microsoft +1 · Windows +1

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Adobe Type Manager Library versions prior to the fixed version Description: The issue is caused by a buffer underflow in the atmfd.dll library, allowing remote attackers to execute arbitrary code via a crafted OpenType font...

Immunity Canvas: ATMFD_POOL_BUFFER_UNDERFLOW

Name| atmfdpoolbufferunderflow ---|--- CVE| CVE-2015-2387 Exploit Pack| CANVAS Description| ATMFD.dll Pool Buffer Underflow Notes| Repeatability: Infinite Notes: This module exploits a vulnerability on the Adobe Type Manager Font Driver ATMFD.DLL. While processing a font data there exists a buffe...

Microsoft Windows Type 1 Font callother Opcode Heap Buffer Underflow Remote Code Execution Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVE-2015-0825

CVE-2015-0825 is a vulnerability in Mozilla Firefox prior to 36.0 involving a stack-based buffer underflow in mozilla::MP3FrameParser::ParseBuffer during MP3 playback, potentially allowing an attacker to leak memory contents. Related advisories confirm Firefox and ESR versions affected and that u...

UBUNTU-CVE-2015-0825

Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox before 36.0 allows remote attackers to obtain sensitive information from process memory via a malformed MP3 file that improperly interacts with memory allocation during playback...

Buffer underflow during MP3 playback — Mozilla

Security researcher Atte Kettunen used the Address Sanitizer tool to discover a buffer underflow during audio playback of a badly formatted MP3 audio files. Through memory allocation manipulation it may be possible to incorporate parts of Firefox memory into an MP3 stream accessible to scripts on...