5186 matches found
Buffer overflow
Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 entry...
Information disclosure
Array index error in Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site. NOTE: some of these details are obtained from third party information...
CVE-2009-3383
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors...
CVE-2009-3377
Multiple unspecified vulnerabilities in liboggz before cf5feeaab69b05e24, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors...
Mandrake Security Advisory MDVSA-2009:287 (xpdf)
The remote host is missing an update to xpdf announced via advisory MDVSA-2009:287. OpenVAS Vulnerability Test $Id: mdksa2009287.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:287 (xpdf) Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft Inc...
SOL3631 - Stack-based buffer overflow in Apache - CAN-2004-0488
Vulnerability description and product information: Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code by way of a client certificate with a long...
MapServer < 5.4.2 / 5.2.3 / 4.10.5 Buffer Overflow
The remote host is running MapServer, an open source Internet map server. The installed version reportedly contains an incomplete fix for the vulnerability referenced by CVE-2009-0840. An attacker may be able to exploit this issue to cause a denial of service condition or execute arbitrary code o...
CVE-2009-3790
CVE-2009-3790 describes a heap-based buffer overflow in FormMax (formerly AcroForm) evaluation 3.5, enabling remote attackers to cause a denial of service or potentially execute arbitrary code via a crafted FormMax import (.aim) file. The vulnerability details are supported by multiple sources (N...
Integer overflow
Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow. NOTE: some of the...
CVE-2009-3604
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted P...
CVE-2009-3604
CVE-2009-3604 affects Xpdf 2.x/3.x up to 3.02pl4 and Poppler 0.x, used in GPdf and kdegraphics KPDF. The root cause is improper memory allocation in Splash::drawImage, which may trigger a NULL pointer dereference or a heap-based buffer overflow when parsing crafted PDFs. Consequences include deni...
CVE-2009-3608
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based...
CVE-2009-3617
Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via format string specifiers in a download URI. NOTE: som...
Mandriva Linux Security Advisory : cups (MDVSA-2009:282-1)
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg, and (3)...
CVE-2009-2991
Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors...
CVE-2009-2994
Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors...
CVE-2009-3711
Stack-based buffer overflow in the h_handlepeer function in http.cpp in httpdx 1.4, and possibly 1.4.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request...
Heap overflow
Heap-based buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via (1) a crafted ASF file or (2) crafted streaming content, aka "WMP Heap Overflow Vulnerability."...
Mandrake Security Advisory MDVSA-2009:260 (imagemagick)
The remote host is missing an update to imagemagick announced via advisory MDVSA-2009:260. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
CVE-2009-3663
Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the Host header...