9083 matches found
Microsoft GDI+ WMF Image File Buffer Overflow Vulnerability
Description Microsoft GDI+ is prone to a buffer-overflow vulnerability because the vector graphics linked library improperly allocates memory when parsing WMF image files. Successfully exploiting this issue would allow an attacker to corrupt memory and execute arbitrary code in the context of the...
Microsoft GDI+ VML Heap-Based Buffer Overflow Vulnerability
Description Microsoft GDI+ is prone to a heap-based buffer-overflow vulnerability because the vector graphics link library improperly processes gradient sizes. Successfully exploiting this issue would allow an attacker to corrupt heap memory and execute arbitrary code in the context of the...
Microsoft GDI+ GIF File Parsing Remote Code Execution Vulnerability
Description Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly parses GIF image files. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may...
Server: temporary DoS via crafted pattern searches
Red Hat Directory Server 7.1 before SP7, Red Hat Directory Server 8, and Fedora Directory Server 1.1.1 allow remote attackers to cause a denial of service CPU consumption and search outage via crafted LDAP search requests with patterns, related to a single-threaded regular-expression subsystem...
CVE-2008-3656
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.splitheadervalue function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of...
CVE-2008-3656
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.splitheadervalue function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of...
CVE-2008-3656
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.splitheadervalue function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows context-dependent attackers to cause a denial of...
ruby -- DoS vulnerability in WEBrick
The official ruby site reports: WEBrick::HTTP::DefaultFileHandler is faulty of exponential time taking requests due to a backtracking regular expression in WEBrick::HTTPUtils.splitheadervalue...
Vim: Flawed Fix of Arbitrary Code Execution Vulnerability in filetype.vim
SUMMARY Product : Vim -- Vi IMproved Version : Tested with Vim 7.2b.10, filetype.vim 2008-07-17 Impact : Arbitrary code execution Wherefrom: Local and remote CVE : CVE-2008-2712 Original : http://www.rdancer.org/vulnerablevim-filetype.vim.updated.html...
PCRE buffer overflow
Buffer overflow on regular expression compilation...
GLSA-200807-03 : PCRE: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200807-03 PCRE: Buffer overflow Tavis Ormandy of the Google Security team reported a heap-based buffer overflow when compiling regular expression patterns containing 'Internal Option Settings' such as '?i'. Impact : A remote...
CVE-2008-0086
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine MSDE 2000 SP4, and 2000 Desktop Engine WMSDE allows remote authenticated users to execute arbitrary code via a crafted SQL expression...
Buffer overflow
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine MSDE 2000 SP4, and 2000 Desktop Engine WMSDE allows remote authenticated users to execute arbitrary code via a crafted SQL expression...
CVE-2008-0086
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine MSDE 2000 SP4, and 2000 Desktop Engine WMSDE allows remote authenticated users to execute arbitrary code via a crafted SQL expression...
CVE-2008-2371
Heap-based buffer overflow in pcrecompile.c in the Perl-Compatible Regular Expression PCRE library 7.7 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...
Heap overflow
Heap-based buffer overflow in pcrecompile.c in the Perl-Compatible Regular Expression PCRE library 7.7 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...
CVE-2008-2371
CVE-2008-2371 describes a heap-based buffer overflow in the PCRE library (version 7.7) specifically in pcre_compile.c. This vulnerability can be triggered by a context-dependent attacker via a regular expression that begins with an option and contains multiple branches, potentially causing a deni...
CVE-2008-2371
Heap-based buffer overflow in pcrecompile.c in the Perl-Compatible Regular Expression PCRE library 7.7 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...
CVE-2008-2371
Heap-based buffer overflow in pcrecompile.c in the Perl-Compatible Regular Expression PCRE library 7.7 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...
CVE-2008-2371
Heap-based buffer overflow in pcrecompile.c in the Perl-Compatible Regular Expression PCRE library 7.7 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a regular expression that begins with an option and contains multiple branches...