CVE-2016-1886

CVE-2016-1886 is a local kernel vulnerability in FreeBSD where an integer signedness error in genkbd_commonioctl (kbd.c) enables a local user to leak kernel memory, cause memory corruption leading to a kernel crash, or gain privileges via a negative flen value in an arg to a SETFKEY ioctl. Affect...

CVE-2016-1887

Integer signedness error in the sockargs function in sys/kern/uipcsyscalls.c in FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to cause a denial of service memory overwrite and kernel panic or gain privileges via a negative buflen argument, which triggers a...

CVE-2016-1886

Integer signedness error in the genkbdcommonioctl function in sys/dev/kbd/kbd.c in FreeBSD 9.3 before p42, 10.1 before p34, 10.2 before p17, and 10.3 before p3 allows local users to obtain sensitive information from kernel memory, cause a denial of service memory overwrite and kernel crash, or ga...

CVE-2016-1887

CVE-2016-1887 is a vulnerability in FreeBSD where an integer signedness error in sockargs (sys/kern/uipc_syscalls.c) affects FreeBSD 10.1 before p34, 10.2 before p17, and 10.3 before p3. The underlying cause is a signedness issue in buflen handling, enabling a local attacker to trigger a heap-bas...

CVE-2016-1886

Removed by vendor...

gd: arbitrary code execution

A heap-based buffer overflow caused by an integer signedness error has been found in the libgd code handling compressed gd2 chunks...

CVE-2016-4535

Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service memory corruption and crash via a crafted packed executable...

DEBIAN-CVE-2016-3074

Integer signedness error in GD Graphics Library 2.1.1 aka libgd or libgd2 allows remote attackers to cause a denial of service crash or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow...

CVE-2016-3074

Integer signedness error in GD Graphics Library 2.1.1 aka libgd or libgd2 allows remote attackers to cause a denial of service crash or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow...

CVE-2016-4084

Integer signedness error in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 allows remote attackers to cause a denial of service integer overflow and application crash via a crafted packet that triggers an unexpected array size...

CVE-2016-4084

Integer signedness error in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 allows remote attackers to cause a denial of service integer overflow and application crash via a crafted packet that triggers an unexpected array size...

CVE-2016-4084

Wireshark 2.0.x before 2.0.3 is affected by CVE-2016-4084 due to an integer signedness error in the MS-WSP dissector (epan/dissectors/packet-mswsp.c). A crafted MS-WSP packet can trigger an unexpected array size, leading to an overflow and denial of service (application crash). Affected component...

CVE-2016-4084

Integer signedness error in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 allows remote attackers to cause a denial of service integer overflow and application crash via a crafted packet that triggers an unexpected array size...

KLA10796 Multiple vulnerabilities in Wireshark

Multiple vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely by injecting malformed packet. Technical details These vulnerabilities can be exploited remotely via a vectors related...

CVE-2016-1885

Integer signedness error in the amd64setldt function in sys/amd64/amd64/sysmachdep.c in FreeBSD 9.3 before p39, 10.1 before p31, and 10.2 before p14 allows local users to cause a denial of service kernel panic via an i386setldt system call, which triggers a heap-based buffer overflow...

CVE-2016-1885

CVE-2016-1885 affects FreeBSD on amd64 architectures (notably 10.2-RELENG and earlier 9.3/10.1) through an integer signedness error in the amd64_set_ldt() function used by the i386_set_ldt syscall. The bug can cause a kernel heap overflow when a process manipulates its Local Descriptor Table (LDT...

CVE-2016-1885

Removed by vendor...

FreeBSD : libarchive -- multiple vulnerabilities (7c63775e-be31-11e5-b5fe-002590263bf5)

MITRE reports : Integer signedness error in the archivewritezipdata function in archivewritesetformatzip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service crash via unspecified vectors, which triggers an improper...

CVE-2009-3280

Integer signedness error in the findie function in net/wireless/scan.c in the cfg80211 subsystem in the Linux kernel before 2.6.31.1-rc1 allows remote attackers to cause a denial of service soft lockup via malformed packets...

CVE-2011-2906

Integer signedness error in the pmcraidioctlpassthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service memory consumption or memory corruption via a negative size value in an ioctl call. NOTE: this may be a vulnerability only...