1012 matches found
Integer overflow
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted stsz atom in a movie file...
CVE-2014-1245
Integer signedness error in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted stsz atom in a movie file...
CVE-2014-1261
CVE-2014-1261 concerns a signedness error in CoreText on Apple OS X Mavericks before 10.9.2. The vulnerability allows remoteCode execution or a denial of service via a crafted Unicode font when applications load fonts, per the NVD description. Affected product: OS X Mavericks (and OS X before 10....
CVE-2014-1245
Apple QuickTime before 7.7.5 contains a vulnerability in the processing of the stsz atom within movie files. This can allow remote code execution or a crash when a crafted stsz value is processed in a QuickTime viewing context. Exploitation requirements include user interaction (per ZDI advisory)...
CVE-2014-1261
Integer signedness error in CoreText in Apple OS X before 10.9.2 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Unicode font...
CVE-2013-4148
Integer signedness error in the virtionetload function in hw/net/virtio-net.c in QEMU 1.x before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image, which triggers a buffer overflow...
CVE-2013-7328
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service application crash or obtain sensitive information via an imagecrop function call with a negative value for the 1 x or 2 y dimension, a...
CVE-2013-7328
CVE-2013-7328 affects PHP 5.5.x before 5.5.9 due to multiple integer signedness errors in the gdImageCrop function (ext/gd/gd.c). A remote attacker can trigger a denial of service (application crash) or information disclosure by calling imagecrop with a negative x or y dimension. The issue is tie...
CVE-2013-7328
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service application crash or obtain sensitive information via an imagecrop function call with a negative value for the 1 x or 2 y dimension, a...
CVE-2013-7328
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service application crash or obtain sensitive information via an imagecrop function call with a negative value for the 1 x or 2 y dimension, a...
PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities
Binary data 8125.prm...
CVE-2013-6477
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...
CVE-2013-6489
CVE-2013-6489 is a Pidgin vulnerability in the MXit functionality where an integer signedness error on a crafted MXit emoticon value can trigger an integer overflow and a buffer overflow, leading to a DoS (segmentation fault) or application crash. Affected product is Pidgin (libpurple) up through...
CVE-2013-6489
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service segmentation fault via a crafted emoticon value, which triggers an integer overflow and a buffer overflow...
CVE-2013-6489
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service segmentation fault via a crafted emoticon value, which triggers an integer overflow and a buffer overflow...
CVE-2013-6477
Pidgin/libpurple prior to version 2.10.8 is vulnerable to a denial of service via a crafted timestamp in an XMPP message, caused by multiple integer signedness errors in the codepath handling XMPP timestamps. The issue is explicitly identified as CVE-2013-6477. Connected advisories show that the ...
CVE-2013-6477
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...
CVE-2013-6477
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...
CVE-2013-6477
Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...
CVE-2013-6489
Integer signedness error in the MXit functionality in Pidgin before 2.10.8 allows remote attackers to cause a denial of service segmentation fault via a crafted emoticon value, which triggers an integer overflow and a buffer overflow...