741 matches found
CVE-2007-3726
Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...
CVE-2007-3726
Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...
CVE-2007-3726
Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...
CVE-2007-3726
Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...
CVE-2007-3726
Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...
GLSA-200707-02 : OpenOffice.org: Two buffer overflows
The remote host is affected by the vulnerability described in GLSA-200707-02 OpenOffice.org: Two buffer overflows John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing the 'prdata' tag in RTF files where the first token is smaller than the second one CVE-2007-0245...
CVE-2007-2443
Integer signedness error in the gssrpcsvcauthunix function in svcauthunix.c in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value...
CVE-2007-2443
Integer signedness error in the gssrpcsvcauthunix function in svcauthunix.c in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value...
Integer overflow
Integer signedness error in the gssrpcsvcauthunix function in svcauthunix.c in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value...
CVE-2007-2443
Integer signedness error in the gssrpcsvcauthunix function in svcauthunix.c in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value...
CVE-2007-2443
CVE-2007-2443 : MIT Kerberos 5 before or equal to 1.6.1 contains a signedness error in gssrpc__svcauth_unix() within svc_auth_unix.c of the RPC library, which could let a remote attacker execute arbitrary code via a negative length. Connected advisories indicate patches and backports in krb5/libg...
CVE-2007-2754
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative npoints value, which leads to an integer overflow and heap-based buffer overflow...
CVE-2007-2754
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative npoints value, which leads to an integer overflow and heap-based buffer overflow...
CVE-2007-2754
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative npoints value, which leads to an integer overflow and heap-based buffer overflow...
CVE-2007-2754
CVE-2007-2754 affects FreeType up to 2.3.4 and earlier, where a signedness error in truetype/ttgload.c can trigger a heap-based buffer overflow via a crafted TTF image with a negative n_points, enabling remote code execution per the description. Connected patches exist (e.g., Solaris X11 6.6.2 pa...
CVE-2007-2529
Integer signedness error in the acl facl system call in Solaris 10 before 20070507 allows local users to cause a denial of service kernel panic and possibly gain privileges via a certain argument, related to ACESETACL...
CVE-2007-2529
CVE-2007-2529 affects Solaris 10 (before 20070507) with an integer signedness error in the acl (facl) system call. The underlying issue is a signedness bug in ACE_SETACL handling, enabling local users to trigger a denial of service (kernel panic) and potentially escalate privileges. Publicly docu...
FreeType 2 -- Heap overflow vulnerability
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative npoints value, which leads to an integer overflow and heap-based buffer overflow...
CVE-2007-1997
Integer signedness error in the 1 cabunstore and 2 cabextract functions in libclamav/cab.c in Clam AntiVirus ClamAV before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based...
CVE-2007-1997
Integer signedness error in the 1 cabunstore and 2 cabextract functions in libclamav/cab.c in Clam AntiVirus ClamAV before 0.90.2 allow remote attackers to execute arbitrary code via a crafted CHM file that contains a negative integer, which passes a signed comparison and leads to a stack-based...