CVE-2003-0972

CVE-2003-0972 affects the GNU screen terminal multiplexer with an integer overflow in the handling of escape sequences (long sequences with semicolons), leading to a buffer overflow. Public advisories (e.g., Debian DSA-408) confirm local privilege escalation by gaining group utmp privileges and l...

CVE-2003-0721

Integer signedness error in rfc2231getparam from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number...

CVE-2003-0721

CVE-2003-0721 affects the Pine mail client, with a vulnerability in rfc2231_get_param() in strings.c that allows remote code execution via a crafted email, caused by an integer signedness/out-of-bounds issue. Affected versions are Pine prior to 4.58; multiple advisories (Red Hat RHSA-2003:274, SU...

CVE-2003-0721

Integer signedness error in rfc2231getparam from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number...

CVE-2003-0721

Integer signedness error in rfc2231getparam from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number...

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that address various security vulnerabilities are now available for Red Hat Enterprise Linux. The Linux kernel handles the basic functions of the operating system. Security issues have been found that affect the versions of the Linux kernel shipped with Red Hat Enterprise...

CVE-2003-0467

Unknown vulnerability in ipnatsackadjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIGIPNFNATFTP or CONFIGIPNFNATIRC is enabled, or the ipnatftp or ipnatirc modules are loaded, allows remote attackers to cause a denial of service crash in systems using NAT, possibly due to an...

CVE-2003-0467

The CVE-2003-0467 issue affects Netfilter NAT SACK handling (ip_nat_sack_adjust) in Linux kernels 2.4.20 and some 2.5.x when NAT FTP/IRC is enabled or ip_nat_ftp/irc modules are loaded. The root cause is an integer signedness handling in the Sack adjustment logic, which could allow a remote attac...

CVE-2003-0619

Integer signedness error in the decodefh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service kernel panic via a negative size value within XDR data of an NFSv3 procedure call...

CVE-2003-0619

The CVE-2003-0619 issue is an Integer signedness error in the decode_fh function of nfs3xdr.c in the Linux kernel prior to 2.4.21. Remote attackers could trigger a denial of service (kernel panic) by supplying a negative size value within XDR data of an NFSv3 procedure call. Public references not...

CVE-2003-0643

Integer signedness error in the Linux Socket Filter implementation filter.c in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service crash...

CVE-2003-0297

c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service crash and possibly execute arbitrary code via certain large 1 literal and 2 mailbox size values that cause either integer signedness errors or integer overflow errors...

CVE-2002-1420

Integer signedness error in select on OpenBSD 3.1 and earlier allows local users to overwrite arbitrary kernel memory via a negative value for the size parameter, which satisfies the boundary check as a signed integer, but is later used as an unsigned integer during a data copying operation...

CVE-2003-0075

Integer signedness error in the myFseek function of samplein.c for Blade encoder BladeEnc 0.94.2 and earlier allows remote attackers to execute arbitrary code via a negative offset value following a "fmt" wave chunk...

CVE-2002-0036

Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value...

CVE-2002-1397

CVE-2002-1397 refers to a buffer overflow in the cash_words() function of PostgreSQL 7.2 and earlier. The vulnerability allows local users to cause a denial of service and potentially execute arbitrary code via a malformed argument (notably a large negative value), linked to integer signedness/bu...

CVE-2002-1397

Vulnerability in the cashwords function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow...

CVE-2002-2180

The setitimer2 system call in OpenBSD 2.0 through 3.1 does not properly check certain arguments, which allows local users to write to kernel memory and possibly gain root privileges, possibly via an integer signedness error...

CVE-2002-0973

The CVE-2002-0973 entry describes an integer signedness error in FreeBSD 4.6.1 RELEASE-p10 and earlier affecting the (1) accept, (2) getsockname, (3) getpeername system calls, and (4) vesa FBIO_GETPALETTE ioctl. This vulnerability can allow attackers to access sensitive kernel memory by supplying...

CVE-2022-23967

Removed by vendor...