741 matches found
CVE-2014-0998
Integer signedness error in the vt console driver formerly Newcons in FreeBSD 9.3 before p10 and 10.1 before p6 allows local users to cause a denial of service crash and possibly gain privileges via a negative value in a VTWAITACTIVE ioctl call, which triggers an array index error and out-of-boun...
Oracle Solaris Third-Party Patch Update : libtiff (cve_2012_2088_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - Integer signedness error in the TIFFReadDirectory function in tifdirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code...
CVE-2014-9381
Integer signedness error in the dissectorcvs function in dissectors/eccvs.c in Ettercap 0.8.1 allows remote attackers to cause a denial of service crash via a crafted password, which triggers a large memory allocation...
CVE-2014-9381
CVE-2014-9381 affects Ettercap 0.8.x (notably prior to 0.8.2). The root cause is a signedness error in the dissector_cvs.c function, leading to vulnerability when processing crafted input (a crafted password) which can trigger a large memory allocation and cause a denial of service. Public docume...
CVE-2013-4148
Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...
Integer overflow
Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...
CVE-2013-4148
The CVE-2013-4148 entry applies to QEMU 1.x prior to 1.7.2, where an integer signedness error in hw/net/virtio-net.c (virtio_net_load) can trigger a buffer overflow when loading a crafted savevm image. This enables remote code execution with the privileges of the QEMU process, via a state-load/mi...
CVE-2013-4148
Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...
CVE-2011-2702
Integer signedness error in Glibc before 2.13 and eglibc before 2.13, when using Supplemental Streaming SIMD Extensions 3 SSSE3 optimization, allows context-dependent attackers to execute arbitrary code via a negative length parameter to 1 memcpy-ssse3-rep.S, 2 memcpy-ssse3.S, or 3 memset-sse2.S ...
CVE-2014-1245
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted stsz atom in a movie file...
Integer overflow
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted stsz atom in a movie file...
CVE-2014-1261
CVE-2014-1261 concerns a signedness error in CoreText on Apple OS X Mavericks before 10.9.2. The vulnerability allows remoteCode execution or a denial of service via a crafted Unicode font when applications load fonts, per the NVD description. Affected product: OS X Mavericks (and OS X before 10....
CVE-2014-1245
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted stsz atom in a movie file...
CVE-2014-1245
Apple QuickTime before 7.7.5 contains a vulnerability in the processing of the stsz atom within movie files. This can allow remote code execution or a crash when a crafted stsz value is processed in a QuickTime viewing context. Exploitation requirements include user interaction (per ZDI advisory)...
CVE-2014-1261
Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Unicode font...
CVE-2013-4148
Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...
CVE-2013-6489
CVE-2013-6489 is a Pidgin vulnerability in the MXit functionality where an integer signedness error on a crafted MXit emoticon value can trigger an integer overflow and a buffer overflow, leading to a DoS (segmentation fault) or application crash. Affected product is Pidgin (libpurple) up through...
CVE-2013-6489
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service segmentation fault via a crafted emoticon value, which triggers an integer overflow and a buffer overflow...
CVE-2013-6489
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service segmentation fault via a crafted emoticon value, which triggers an integer overflow and a buffer overflow...
CVE-2013-7014
Integer signedness error in the addbytesl2c function in libavcodec/pngdsp.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted PNG data...