CVE-2009-3626

Perl 5.10.1 allows context-dependent attackers to cause a denial of service application crash via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match...

CVE-2009-3372

Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration PAC file...

CVE-2009-3626

Perl 5.10.1 allows context-dependent attackers to cause a denial of service application crash via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match...

CVE-2009-3626

Perl 5.10.1 allows context-dependent attackers to cause a denial of service application crash via a UTF-8 character with a large, invalid codepoint, which is not properly handled during a regular-expression match...

CVE-2009-3372

CVE-2009-3372 affects Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0. It allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file. The linked MiracleLinux advisory AXSA:2009-419:04 lists this CVE am...

Fedora 10 : Django-1.1.1-1.fc10 (2009-10432)

http://www.djangoproject.com/weblog/2009/oct/09/security/ Description of vulnerability ============================ Django's forms library included field types which perform regular-expression-based validation of email addresses and URLs. Certain addresses/URLs could trigger a pathological...

Heap overflow

Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and...

Integer overflow

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Offic...

CVE-2009-2500

This CVE corresponds to MS09-062: GDI+ WMF Integer Overflow Vulnerability. Affected are Microsoft GDI+ image-processing paths used by WMF, PNG, TIFF, BMP handling across Windows components and Office/Viewer products (e.g., IE6, Office suites, Visio, Project, SQL/Report Viewer, Forefront Client Se...

CVE-2009-3126

CVE-2009-3126 corresponds to the GDI+ PNG Integer Overflow vulnerability described in MS09-062. The issue arises from an integer overflow in GDI+ when processing PNG images, which could allow remote code execution if a user opens a specially crafted image. The vulnerability affects a wide range o...

PT-2009-4908 · Microsoft · Works +26

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer version 6 SP1 Windows XP versions SP2 and SP3 Office XP version SP3 Office 2003 version SP3 2007 Microsoft Office System versions SP1 and SP2 Office Project 2002 version SP1 Visio 2002 version SP2 Office Word Viewe...

CVE-2009-3695

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...

Design/Logic Flaw

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...

CVE-2009-3695

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...

CVE-2009-3695

Algorithmic complexity vulnerability in the forms library in Django 1.0 before 1.0.4 and 1.1 before 1.1.1 allows remote attackers to cause a denial of service CPU consumption via a crafted 1 EmailField email address or 2 URLField URL that triggers a large amount of backtracking in a regular...

Microsoft GDI+ WMF File Processing Remote Code Execution Vulnerability

Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes WMF image files. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts m...

Microsoft GDI+ CCITT G4 TIFF File Processing Memory Corruption Remote Code Execution Vulnerability

Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes TIFF image files. This issue occurs when CCITT G4 compressed TIFF images are decompressed. An attacker could exploit this issue to execute arbitrary code with...

Microsoft GDI+ PNG File Integer Overflow Remote Code Execution Vulnerability

Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes PNG image files. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts m...

Microsoft GDI+ TIFF File Processing 'BitsPerSample' Tag Remote Code Execution Vulnerability

Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes TIFF image files. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts...

Microsoft GDI+ PNG File Processing Remote Code Execution Vulnerability

Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes PNG image files. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts m...