CVE-2016-1645

Multiple integer signedness errors in the opjj2kupdateimagedata function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service incorrect cast and out-of-bounds write or possibly have unspecified other impact via crafted...

CVE-2010-3310

Multiple integer signedness errors in net/rose/afrose.c in the Linux kernel before 2.6.36-rc5-next-20100923 allow local users to cause a denial of service heap memory corruption or possibly have unspecified other impact via a rosegetname function call, related to the rosebind and roseconnect...

MGASA-2015-0176 Updated directfb packages fix security vulnerabilities

Updated directfb packages fix security vulnerabilities: Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo...

Security update for DirectFB (important)

DirectFB was updated to fix two security issues. The following vulnerabilities were fixed: CVE-2014-2977: Multiple integer signedness errors could allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based...

CVE-2014-9670

Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...

CVE-2014-9670

Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...

CVE-2014-9670

Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...

CVE-2014-9670

Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...

CVE-2014-9670

CVE-2014-9670 : In FreeType before 2.5.4, multiple integer signedness errors in the pcf_get_encodings function (pcf/pcfread.c) can be triggered by a crafted PCF file with negative values for the first column and first row, enabling a remote attacker to cause a denial of service via integer overfl...

CVE-2014-10024

CVE-2014-10024 involves multiple integer signedness errors in DirectShowDemuxFilter, used by Divx Web Player, Divx Player, and other Divx plugins. The flaw arises when parsing the Stream Format (STRF) chunk in an AVI file, where a negative or excessively large value can trigger a heap-based buffe...

CVE-2014-10024

Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a 1 negative or 2 large value in a Stream Format STRF chunk in an AVI file, which triggers a heap-based buffer overflo...

Design/Logic Flaw

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

CVE-2014-2977 in DirectFB (Dispatch_Write in proxy/dispatcher/idirectfbsurface_dispatcher.c) allows remote attackers to cause a denial of service (crash) and possibly execute code via the Voodoo interface; CVE-2014-2978 is an out-of-bounds write in the same area. Connected advisories confirm thes...

CVE-2013-7328

CVE-2013-7328 affects PHP 5.5.x before 5.5.9 due to multiple integer signedness errors in the gdImageCrop function (ext/gd/gd.c). A remote attacker can trigger a denial of service (application crash) or information disclosure by calling imagecrop with a negative x or y dimension. The issue is tie...

CVE-2013-7328

Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service application crash or obtain sensitive information via an imagecrop function call with a negative value for the 1 x or 2 y dimension, a...

PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities

Binary data 8125.prm...

CVE-2013-6477

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...