121 matches found
UBUNTU-CVE-2013-6412
The transformsave function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors...
MariaDB Denial Of Service Vulnerability - Windows
MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb";...
Design/Logic Flaw
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service crash via a crafted geometry feature that specifies a large number o...
CVE-2013-1861
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service crash via a crafted geometry feature that specifies a large number o...
CVE-2013-1861
MariaDB 5.5.x before 5.5.30, 5.3.x before 5.3.13, 5.2.x before 5.2.15, and 5.1.x before 5.1.68, and Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote attackers to cause a denial of service crash via a crafted geometry feature that specifies a large number o...
Design/Logic Flaw
MySQL 5.1.x before 5.1.63 and 5.5.x before 5.5.24 allows remote authenticated users to cause a denial of service mysqld crash via vectors related to incorrect calculation and a sort order index...
CVE-2010-3567
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle ha...
CVE-2010-3567
Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle ha...
Microsoft Word RTF Object Parsing Remote Code Execution (MS08-072; CVE-2008-4027)
Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in Microsoft Word. The vulnerability is due to a memory calculation error in Microsoft Word that fails to properly handle specially crafted control words in Rich Text Format .rtf files....
Microsoft Word RTF Drawing Primitives Remote Code Execution (MS08-072; CVE-2008-4028)
Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...
Microsoft Word RTF Control Word Handling Integer Overflow (MS08-072; CVE-2008-4025)
Rich Text Format RTF provides a format for text and graphics interchange that can be used with different operating systems. OLE is the technology that applications use to create and edit compound documents. By using OLE technology, an application can provide embedding and linking support. A remot...
Buffer overflow
A "memory calculation error" in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP2, and 2007 through SP1; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 through SP1; and Office 2004 for Mac allows remote attackers to execute arbitrary code via a PowerPoint file with crafted...
CVE-2008-1455
A "memory calculation error" in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP2, and 2007 through SP1; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 through SP1; and Office 2004 for Mac allows remote attackers to execute arbitrary code via a PowerPoint file with crafted...
CVE-2008-0121
A "memory calculation error" in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with an invalid picture index that triggers memory corruption, aka "Memory Calculation Vulnerability."...
CVE-2008-1455
CVE-2008-1455 describes a remote code execution vulnerability in Microsoft PowerPoint caused by a memory handling flaw while parsing bullet list values in specially crafted PowerPoint files (memory calculation/parsing overflow). Affected products include PowerPoint 2000 SP3, 2002 SP3, 2003 SP2, 2...
Microsoft PowerPoint TxMasterStyle10Atom Processing Code Execution (MS08-051; CVE-2008-1455)
Microsoft PowerPoint is a popular presentation program. A remote code execution vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to a memory calculation error in Microsoft PowerPoint when parsing bullet list values in specially crafted PowerPoint files. A remote...
Heap overflow
Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format .rtf file with a malformed string that triggers a "memory calculation error" and a heap-based...
Microsoft Word Cascading Style Sheet Processing Code Execution (MS08-026; CVE-2008-1434)
Microsoft Word is a popular word processing software. A remote code execution vulnerability has been identified in Microsoft Word. A remote attacker could exploit this issue via a malformed Word file. The vulnerability is due to a memory calculation error in Microsoft Word that fails to properly...
Microsoft Word RTF File Handling Memory Corruption (MS08-026; CVE-2008-1091)
A remote code execution vulnerability has been identified in Microsoft Word. The vulnerability is due to a memory calculation error in Microsoft Word that fails to properly handle specially crafted Rich Text Format .rtf files. A remote attacker could trigger this flaw by convincing a victim to op...
lighttpd: Multiple vulnerabilities
Background lighttpd is a lightweight high-performance web server. Description lighttpd contains a calculation error when allocating the global file descriptor array CVE-2008-0983. Furthermore, it sends the source of a CGI script instead of returning a 500 error Internal Server Error when the fork...