482 matches found
CVE-2011-1808
Removed by vendor...
Google Chrome < 12.0.742.91 Multiple Vulnerabilities
The version of Google Chrome installed on the remote host is earlier than 12.0.742.91. Such versions of Chrome are affected by multiple vulnerabilities: - Use-after-free errors exist in the handling of float variables, accessibility functionality, developer tools and an image loader. Issues 73962...
CVE-2011-1437
Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering...
Integer overflow
Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering...
CVE-2011-1437
Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering...
CVE-2011-1437
Removed by vendor...
SuSE 11.1 Security Update : IBM Java (SAT Patch Number 4109)
IBM Java 6 SR9 FP1 was updated to fix a critical security bug in float number handling : - The Java Runtime Environment hangs forever when converting '2.2250738585072012e-308' to a binary floating-point number. CVE-2010-4476 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...
SuSE 10 Security Update : java-1_6_0-ibm, java-1_6_0-ibm-32bit, java-1_6_0-ibm-64bit, java-1_6_0-ibm-alsa, java-1_6_0-ibm-alsa-32bit, java-1_6_0-ibm-demo, java-1_6_0-ibm-devel, java-1_6_0-ibm-devel-32bit, java-1_6_0-ibm-fonts, java-1_6_0-ibm-jdbc, java-1_6_0-ibm-jdbc-32bit, java-1_6_0-ibm-jdbc-64bit, java-1_6_0-ibm-plugin, java-1_6_0-ibm-plugin-32bit, java-1_6_0-ibm-src (ZYPP Patch Number 7369)
IBM Java 6 SR9 FP1 was updated to fix a critical security bug in float number handling : - The Java Runtime Environment hangs forever when converting '2.2250738585072012e-308' to a binary floating-point number. CVE-2010-4476 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text descriptio...
K-Meleon 1.5.3 Remote Array Overrun
Exploit for unknown platform in category dos / poc =================================== K-Meleon 1.5.3 Remote Array Overrun =================================== Title: K-Meleon 1.5.3 Remote Array Overrun CVE-ID: OSVDB-ID: Author: Maksymilian Arciemowicz and sp3x Published: 2009-11-19 Verified: yes...
K-Meleon 1.5.3 Remote Array Overrun
No description provided by source. From Full Disclosure: http://seclists.org/fulldisclosure/2009/Nov/222 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 K-Meleon 1.5.3 Remote Array Overrun Arbitrary code execution Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.:...
ruby: DoS vulnerability in BigDecimal
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service application crash via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type...
CVE-2009-1904
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service application crash via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service application crash via a string argument that represents a large number, as...
Code injection
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service application crash via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type...
CVE-2009-1904 ruby: DoS vulnerability in BigDecimal
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service application crash via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type...
Mandriva Update for php MDVSA-2008:127 (php)
Check for the Version of php OpenVAS Vulnerability Test Mandriva Update for php MDVSA-2008:127 php Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...
ghostscript-poc.txt
/ A proof of concept exploit for ghostscript 8.61 and earlier. Vulnerability discovered by Chris Evans Author: [email protected] Will Drewry Affects: All versions of ghostscript that support .seticcspace. Tested on: Ubuntu gs-esp-8.15.2.dfsg.0ubuntu1-0ubuntu1 x86 Ghostscript 8.61 2007-11-21 x86...
Ghostscript 8.0.1/8.15 - 'zseticcspace()' Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/28017/info Ghostscript is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Successfully exploiting this issue may allow remote attackers to execute arbitrary code in the context of th...
Microsoft IE HTML渲染内存破坏漏洞(MS06-067)
Internet Explorer是一款非常流行的WEB浏览器。 Internet Explorer在解析HTML CSS的float属性时存在漏洞,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 如果处理了HTML页面中的特制div标签的话,就会触发内存破坏,导致执行任意代码。 Microsoft Internet Explorer 6.0 SP1 Microsoft Internet Explorer 6.0 将Internet和本地Intranet安全区域设置设为“高”,以便在这些区域中运行ActiveX控件和活动脚本之前进行提示。 将Internet...
[Full-disclosure] ZDI-06-041: Microsoft Internet Explorer CSS Float Property Memory Corruption Vulnerability
ZDI-06-041: Microsoft Internet Explorer CSS Float Property Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-041.html November 14, 2006 -- CVE ID: CVE-2006-4687 -- Affected Vendor: Microsoft -- Affected Products: Internet Explorer 6 -- TippingPointTM IPS Customer...