CVE-2011-3191

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service memory corruption or possibly have unspecified other impact via a large length value in a response to a read request for a directory...

CVE-2011-3191

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service memory corruption or possibly have unspecified other impact via a large length value in a response to a read request for a directory...

CVE-2011-2906

The issue is an integer signedness error in the Linux kernel's pmcraid_ioctl_passthrough under drivers/scsi/pmcraid.c, affecting pre-3.1 kernels. It may allow local attackers to cause denial of service via a negative size value in an ioctl call, typically in environments with a privileged program...

CVE-2011-2906

Integer signedness error in the pmcraidioctlpassthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service memory consumption or memory corruption via a negative size value in an ioctl call. NOTE: this may be a vulnerability only...

CVE-2011-3045

Integer signedness error in the pnginflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file, a...

CVE-2011-3045

Integer signedness error in the pnginflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted PNG file, a...

CVE-2011-3045

CVE-2011-3045 describes an integer signedness error in libpng’s png_inflate (pngrutil.c) affecting libpng before 1.4.10beta01. The vulnerability, cited as used in Google Chrome before 17.0.963.83 and other products, can cause a denial of service (application crash) or potentially allow arbitrary ...

FreeBSD Ports: lighttpd

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2012-0915

Summary: CVE-2012-0915 concerns RenRen Talk 2.9, where an integer signedness error in skin-file handling enables a remote attacker to trigger a heap-based buffer overflow via a crafted BMP image. The fault is in how dimensions of a skin file are processed, leading to arbitrary code execution as d...

DEBIAN-CVE-2011-4362

Integer signedness error in the base64decode function in the HTTP authentication functionality httpauth.c in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service segmentation fault via crafted base64 input that triggers an out-of-bounds...

CVE-2011-4362

Integer signedness error in the base64decode function in the HTTP authentication functionality httpauth.c in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service segmentation fault via crafted base64 input that triggers an out-of-bounds...

CVE-2011-4362

Integer signedness error in the base64decode function in the HTTP authentication functionality httpauth.c in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service segmentation fault via crafted base64 input that triggers an out-of-bounds...

CVE-2011-4362

Integer signedness error in the base64decode function in the HTTP authentication functionality httpauth.c in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service segmentation fault via crafted base64 input that triggers an out-of-bounds...

CVE-2011-4362

CVE-2011-4362 affects lighttpd: a signedness error in the base64_decode routine used by HTTP authentication (http_auth.c) can trigger an out-of-bounds read with a negative index, allowing a remote attacker to cause a denial of service (segmentation fault). Impacted versions are lighttpd 1.4 befor...

Debian DSA-2336-1 : ffmpeg - several vulnerabilities

Multiple vulnerabilities were found in FFmpeg, a multimedia player, server and encoder : - CVE-2011-3362 An integer signedness error in decoderesidualblock function of the Chinese AVS video CAVS decoder in libavcodec can lead to denial of service memory corruption and application crash or possibl...

CVE-2011-3248

Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted font table in a QuickTime movie file...

CVE-2011-3248

CVE-2011-3248 affects Apple QuickTime (pre-7.7.1). A signedness error in the handling of font tables embedded in QuickTime movie files can be exploited by a crafted file to cause a remote code execution or application crash. The vulnerability is documented in ZDI-12-005 and tracked publicly with ...

CVE-2011-3437

Integer signedness error in Apple Type Services ATS in Apple Mac OS X 10.7 before 10.7.2 allows remote attackers to execute arbitrary code via a crafted embedded Type 1 font in a document...

CVE-2011-3437

Integer signedness error in Apple Type Services ATS in Apple Mac OS X 10.7 before 10.7.2 allows remote attackers to execute arbitrary code via a crafted embedded Type 1 font in a document...

CVE-2011-3437

CVE-2011-3437 affects Apple OS X 10.7 prior to 10.7.2, caused by an ATS (Apple Type Services) signedness error in handling Type 1 fonts. A crafted embedded Type 1 font in a document can lead to remote arbitrary code execution. The vulnerability impact is described as arbitrary code execution with...