3826 matches found
Mozilla arbitrary code execution
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service crash via images in a page that uses designMode frames, which triggers memory corruption related to resize handles...
Mozilla arbitrary code execution
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service crash via images in a page that uses designMode frames, which triggers memory corruption related to resize handles...
Mozilla arbitrary code execution
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service crash via images in a page that uses designMode frames, which triggers memory corruption related to resize handles...
DEBIAN-CVE-2007-4770
libicu in International Components for Unicode ICU 3.8.1 and earlier attempts to process backreferences to the nonexistent capture group zero aka \0, which might allow context-dependent attackers to read from, or write to, out-of-bounds memory locations, related to corruption of REStackFrames...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix various security issues and several bugs in the Red Hat Enterprise Linux 4 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any...
Directory traversal
Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 languagesn.php, 2 languagesf.php, or 3 languages.php in inc/; and 4 allow remote attackers to read arbitrary...
RHEL 5 : kernel (RHSA-2007:0993)
Updated kernel packages that fix various security issues in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These ne...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix various security issues in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These ne...
GLSA-200711-09 : MadWifi: Denial of Service
The remote host is affected by the vulnerability described in GLSA-200711-09 MadWifi: Denial of Service Clemens Kolbitsch and Sylvester Keil reported an error when processing beacon frames with an overly large 'length' value in the 'xrates' element. Impact : A remote attacker could act as an acce...
PT-2007-6106 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.23 Description: The issue is caused by an integer underflow in the ieee80211 rx function, allowing remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 fra...
Heap overflow
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used...
CVE-2007-5729
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used...
CVE-2007-5729
The NE2000 emulator in QEMU 0.8.2 allows local users to execute arbitrary code by writing Ethernet frames with a size larger than the MTU to the EN0TCNT register, which triggers a heap-based buffer overflow in the slirp library, aka NE2000 "mtu" heap overflow. NOTE: some sources have used...
[SECURITY] Fedora Core 6 Update: elinks-0.11.3-1.fc6
Links is a text-based Web browser. Links does not display any images, but it does support frames, tables and most other HTML tags. Links' advantage over graphical browsers is its speed--Links starts and exits quickly and swiftly displays Web pages...
Atheros wireless network drivers may fail to properly handle malformed frames
Overview Atheros wireless drivers fail to properly handle malformed wireless frames. This vulnerability may allow a remote, unauthenticated attacker to create a denial-of-service condition. Description Some versions of the Microsoft Windows drivers for Atheros 802.11 a/b/g wireless adapters fail ...
CVE-2007-3763
The IAX2 channel driver chaniax2 in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted 1 LAGRQ or 2 LAGRP...
CVE-2007-3763
The IAX2 channel driver chaniax2 in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted 1 LAGRQ or 2 LAGRP...
DEBIAN-CVE-2007-3762
Stack-based buffer overflow in the IAX2 channel driver chaniax2 in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a...
CVE-2007-3762
Stack-based buffer overflow in the IAX2 channel driver chaniax2 in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to execute arbitrary code by sending a...
CVE-2007-2829
The 802.11 network stack in net80211/ieee80211input.c in MadWifi before 0.9.3.1 allows remote attackers to cause a denial of service system hang via a crafted length field in nested 802.3 Ethernet frames in Fast Frame packets, which results in a NULL pointer dereference...