CVE-2005-0975

CVE-2005-0975 describes an integer signedness error in the Darwin kernel’s mach-o loader (mach_loader.c) used by Mac OS X 10.3.7 and earlier versions (before 10.3.9). The vulnerability allows local users to cause a denial of service (CPU consumption) by presenting a crafted mach-o header. The pro...

CVE-2005-0482

TrackerCam 5.12 and earlier is affected by CVE-2005-0482. The vulnerability allows remote denial of service (crash) via two vectors: (1) a large number of connections with a negative Content-Length header that may trigger a signedness error, and (2) a large amount of data. The sources cite these ...

CVE-2005-0340

CVE-2005-0340 describes a vulnerability in Apple File Service (AFP Server) where an integer signedness error in FPLoginExt handling of a negative UAM string length can allow a remote attacker to cause a denial of service (application crash). The impact is a network-exposed DoS; the sources do not...

CVE-2005-0340

Integer signedness error in Apple File Service AFP Server allows remote attackers to cause a denial of service application crash via a negative UAM string length in a FPLoginExt packet...

CVE-2004-1008

Integer signedness error in the ssh2rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2MSGDEBUG packet with a modified stringlen parameter, which leads to a buffer overflow...

CVE-2004-1008

Integer signedness error in the ssh2rdpkt function in PuTTY before 0.56 allows remote attackers to execute arbitrary code via a SSH2MSGDEBUG packet with a modified stringlen parameter, which leads to a buffer overflow...

CVE-2004-1035

Multiple integer signedness errors in 1 imapcommon.c, 2 main.c, 3 request.c, and 4 select.c for up-imapproxy IMAP proxy 1.2.2 allow remote attackers to cause a denial of service server crash and possibly leak sensitive information via certain literal values that are not properly handled when usin...

CVE-2002-1420

Integer signedness error in select on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation...

CVE-2002-1420

OpenBSD 3.1 and earlier are affected by a local privilege escalation due to an integer signedness error in select(2): a negative size value passes the boundary check as signed but is then used as unsigned during a data copy, allowing a local user to overwrite kernel memory. Impact: local code/ker...

CVE-2003-0075

Integer signedness error in the myFseek function of samplein.c for Blade encoder BladeEnc 0.94.2 and earlier allows remote attackers to execute arbitrary code via a negative offset value following a "fmt" wave chunk...

CVE-2003-0075

CVE-2003-0075 describes a signedness error in the myFseek function of samplein.c in Blade encoder (BladeEnc) 0.94.2 and earlier. The issue allows remote attackers to execute arbitrary code via a negative offset value following a "fmt" wave chunk. Affected component: BladeEnc, version

CVE-2002-0036

Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value...

CVE-2004-0228

Integer signedness error in the cpufreq proc handler cpufreqprocctl in Linux kernel 2.6 allows local users to gain privileges...

CVE-2004-0493

The apgetmimeheaderscore function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service memory exhaustion, and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters...

CVE-2004-0493

The apgetmimeheaderscore function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service memory exhaustion, and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header lines with large numbers of space or tab characters...

CVE-2004-0661

Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service IP lease depletion via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years...

Mandrake Linux Security Advisory : krb5 (MDKSA-2003:043-1)

Multiple vulnerabilities have been found in the Kerberos network authentication system. The MIT Kerberos team have released an advisory detailing these vulnerabilities, a description of which follows. An integer signedness error in the ASN.1 decoder before version 1.2.5 allows remote attackers to...

CVE-2004-0661

Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service IP lease depletion via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years...

CVE-2004-0228

Integer signedness error in the cpufreq proc handler cpufreqprocctl in Linux kernel 2.6 allows local users to gain privileges...

CVE-2004-0228

CVE-2004-0228 refers to an integer signedness error in the cpufreq /proc handler (cpufreq_procctl) of the Linux 2.6 kernel, enabling local users to escalate privileges to kernel level. The issue is discussed in multiple advisories (e.g., SUSE, Gentoo GLSA 200407-02, Fedora 2004-111) as part of Li...