13 matches found
SUSE CVE-2018-18650
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...
CVE-2020-24863
A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via a crafted size value in conjunction with an invalid mode...
CVE-2020-24863
The CVE-2020-24863 vulnerability is a kernel memory corruption in kern_getfsstat affecting MidnightBSD prior to 1.2.7 and 1.3 up to 2020-08-19, and FreeBSD up to 11.4. A crafted size value combined with an invalid mode can trigger an invalid free, leading to a system crash. The connected document...
Xpdf Denial of Service Vulnerability (CNVD-2019-17487)
Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. A denial of service vulnerability exists in XRef::readXRefStream in XRef.cc in Xpdf 4.00. An attacker can exploit this vulnerability to cause a denial of service (integer overflow) via a...
UBUNTU-CVE-2018-18650
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...
CVE-2018-18650
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...
Buffer overflow
Buffer overflow in the Tiny SRP library (aka TinySRP) allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted size value for the username field...
CVE-2011-4789
Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but HP states that "the...
Integer overflow
Integer overflow in the 3D object functionality in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via a crafted size value in a 0xFFFFFF45 RIFF record in a Director movie...
CVE-2008-4654
Stack-based buffer overflow in the parse_master function in the Ty demux plugin modules/demux/ty.c in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value...
Stack overflow
Stack-based buffer overflow in the parse_master function in the Ty demux plugin modules/demux/ty.c in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value...
CVE-2008-4654
Stack-based buffer overflow in the parse_master function in the Ty demux plugin modules/demux/ty.c in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value...
CVE-2008-4654
Stack-based buffer overflow in the parse_master function in the Ty demux plugin modules/demux/ty.c in VLC Media Player 0.9.0 through 0.9.4 allows remote attackers to execute arbitrary code via a TiVo TY media file with a header containing a crafted size value...