126 matches found
CVE-2014-1746
Removed by vendor...
CVE-2014-1746
The InMemoryUrlProtocol::Read function in media/filters/inmemoryurlprotocol.cc in Google Chrome before 35.0.1916.114 relies on an insufficiently large integer data type, which allows remote attackers to cause a denial of service out-of-bounds read via vectors that trigger use of a large buffer...
Destoon B2B website software to the latest version of SQL blind injection vulnerability-vulnerability warning-the black bar safety net
Brief description: Destoon B2B website existsSQL injectionvulnerabilities have played a 2 0 1 3 0 7 0 3 patches Detailed description: /module/mall/buy.inc.php this file, in addition to the already fix the know Chong Yu reported that injection point, but also the presence of other injection points...
Oracle Linux 6 : kernel (ELSA-2013-0830)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0830 advisory. 2.6.32-358.6.2 - kernel perf: fix perfsweventenabled array out-of-bound access Petr Matousek 962793 962794 CVE-2013-2094 Tenable has extracted the preceding...
Integer overflow
The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perfeventopen system call...
CVE-2013-2094
The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perfeventopen system call...
CVE-2013-2094
The perfsweventinit function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perfeventopen system call...
CVE-2013-2487
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery aka RELOAD dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service infinite loop via crafted integer values in a packet, related to the 1...
CVE-2013-2486
The dissectdiagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery aka RELOAD dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service infinite loop via crafted integer...
CVE-2013-2487
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery aka RELOAD dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service infinite loop via crafted integer values in a packet, related to the 1...
CVE-2013-2487
epan/dissectors/packet-reload.c in the REsource LOcation And Discovery aka RELOAD dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service infinite loop via crafted integer values in a packet, related to the 1...
CVE-2011-1592
The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service application crash via a crafted .pcap file...
CVE-2010-4705
Integer overflow in the vorbisresiduedecodeinternal function in libavcodec/vorbisdec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types. NOTE: this might overlap CVE-2011-0480...
CVE-2010-3073
SSLCipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms...
CVE-2010-3073
SSLCipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms...
CVE-2010-3073
EncFS vulnerability CVE-2010-3073 affects EncFS prior to 1.7.0. Root cause: SSL_Cipher.cpp constructs IV headers using insufficiently validated integer data sizes, defeating cryptographic protection and allowing local access to sensitive data. Affected software: encfs (pre-1.7.0). Impact: partial...
CVE-2010-3073
SSLCipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing headers intended for randomization of initialization vectors, which makes it easier for local users to obtain sensitive information by defeating cryptographic protection mechanisms...
Mandriva Update for freetype2 MDVSA-2010:157 (freetype2)
Check for the Version of freetype2 OpenVAS Vulnerability Test Mandriva Update for freetype2 MDVSA-2010:157 freetype2 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...
CVE-2010-2807
FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font file...
CVE-2010-2807
FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted font file...