php: heap-based buffer over-read in DateInterval

A buffer over-read flaw was found in the way the DateInterval class parsed interval specifications. An attacker able to make a PHP application parse a specially crafted specification using DateInterval could possibly cause the PHP interpreter to crash...

UBUNTU-CVE-2014-4341

MIT Kerberos 5 aka krb5 before 1.12.2 allows remote attackers to cause a denial of service buffer over-read and application crash by injecting invalid tokens into a GSSAPI application session...

openSUSE Security Update : radvd (openSUSE-SU-2011:1247-1)

This update of radvd fixes the following security flaws : - arbitrary file overwrite flaw through unsanitized interface names CVE-2011-3602, - missing return value checks in privsepinit which could cause radvd to keep running with root privileges CVE-2011-3603, - buffer overread flaws in the...

openSUSE Security Update : libxml2 (openSUSE-SU-2013:1221-1)

Libxml2 was updated to fix buffer overread problems which could lead to crashes out of bounds read. CVE-2013-2877 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-592. The text...

openSUSE Security Update : libvpx (openSUSE-SU-2012:0759-1)

A buffer overread was fixed in libvpx which could lead to crashes of applications using libvpx. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-331. The text description of this...

file utility / libmagic / PHP DoS

Infinite recursion on some file types detection, buffer overread, CPU exhaustion...

DEBIAN-CVE-2014-0160

The 1 TLS and 2 DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys,...

PT-2014-2023 · Mozjpeg +8 · Mozjpeg +8

Name of the Vulnerable Software and Affected Versions: libjpeg-turbo versions through 1.5.90 MozJPEG versions through 3.3.1 Description: The issue is related to a buffer over-read in the get 8bit row function in rdbmp.c of the libjpeg library. This can be exploited by a remote attacker to cause a...

mongodb: memory over-read via incorrect BSON object length

The default configuration for MongoDB before 2.3.2 does not validate objects, which allows remote authenticated users to cause a denial of service crash or read system memory via a crafted BSON object in the column name in an insert command, which triggers a buffer over-read...

DEBIAN-CVE-2013-6481

libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows remote attackers to cause a denial of service crash via a Yahoo! P2P message with a crafted length field, which triggers a buffer over-read...

pidgin: DoS caused due to OOB read in Yahoo protocol plugin

libpurple/protocols/yahoo/libymsg.c in Pidgin before 2.10.8 allows remote attackers to cause a denial of service crash via a Yahoo! P2P message with a crafted length field, which triggers a buffer over-read...

PHP DateInterval Heap Buffer Overread Denial of Service (CVE-2013-6712)

A denial of service vulnerability has been reported in PHP. The vulnerability is due to a buffer overread when creating a dateInterval object. A remote attacker can exploit this flaw by sending a malicious request. Successful exploitation could result in a denial of service condition...

DEBIAN-CVE-2013-7290

The doitemget function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service segmentation fault via a request to delete a key, which does not account for the lack of a null terminator in the key and...

DEBIAN-CVE-2013-0179

The processbindelete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service segmentation fault via a request to delete a key, which does not account for the lack of a null terminator in the ke...

CVE-2013-0179

The processbindelete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service segmentation fault via a request to delete a key, which does not account for the lack of a null terminator in the ke...

DEBIAN-CVE-2013-7027

The ieee80211radiotapiteratorinit function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service buffer over-read via a crafted header...

UBUNTU-CVE-2013-7027

The ieee80211radiotapiteratorinit function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service buffer over-read via a crafted header...

gnutls: out of bounds read in _gnutls_ciphertext2compressed (GNUTLS-SA-2013-2)

The gnutlsciphertext2compressed function in lib/gnutlscipher.c in GnuTLS 2.12.23 allows remote attackers to cause a denial of service buffer over-read and crash via a crafted padding length. NOTE: this might be due to an incorrect fix for CVE-2013-0169...

VideoLAN VLC Media Player Libmodplug ReadS3M Stack Overflow (CVE-2011-1574)

A buffer overread vulnerability has been reported in VideoLAN VLC Media Player. The vulnerability is due to error in ReadS3M method in loads3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file...

SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 6641 / 6643 / 6648)

The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.38, fixing various bugs and security issues. The following security issues have been fixed : - Several buffer overread and overwrite errors in the UDF logical volume descriptor code have been fixed that might have have allowed local...