1012 matches found
CVE-2013-5174
Integer signedness error in the kernel in Apple Mac OS X before 10.9 allows local users to cause a denial of service system crash via a crafted tty read operation...
CVE-2013-5174
CVE-2013-5174 affects the Apple Mac OS X kernel prior to 10.9. The issue is an integer signedness error in the kernel’s handling of a crafted tty read operation, enabling a local user to trigger a denial of service (system crash) . Root cause is the signedness bug in the kernel code. Public refer...
RHEL 5 : php53 (RHSA-2013:1307)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1307 advisory. - php: paths with NULL character were considered valid CVE-2006-7243 - PHP: sapiheaderop %0D sequence handling security bypass CVE-2011-1398...
CVE-2013-0211
Integer signedness error in the archivewritezipdata function in archivewritesetformatzip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service crash via unspecified vectors, which triggers an improper conversion between...
CVE-2013-0211
Integer signedness error in the archivewritezipdata function in archivewritesetformatzip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service crash via unspecified vectors, which triggers an improper conversion between...
CVE-2013-0211
CVE-2013-0211 involves an integer signedness error in the libarchive library (archive_write_zip_data in archive_write_set_format_zip.c) on 64-bit systems, which can cause a buffer overflow and crash (denial of service) via unspecified vectors. Connected sources confirm this issue in libarchive 3....
CVE-2013-0211
Integer signedness error in the archivewritezipdata function in archivewritesetformatzip.c in libarchive 3.1.2 and earlier, when running on 64-bit machines, allows context-dependent attackers to cause a denial of service crash via unspecified vectors, which triggers an improper conversion between...
Amazon Linux AMI : lighttpd (ALAS-2012-107)
Integer signedness error in the base64decode function in the HTTP authentication functionality httpauth.c in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service segmentation fault via crafted base64 input that triggers an out-of-bounds...
DEBIAN-CVE-2013-4928
Integer signedness error in the dissectheaders function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service infinite loop via a crafted packet...
CVE-2013-4927
Integer signedness error in the gettypelength function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service loop and CPU consumption via a crafted packet...
CVE-2013-4927
Integer signedness error in the gettypelength function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service loop and CPU consumption via a crafted packet...
CVE-2013-4925
Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted packet...
CVE-2013-4925
Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted packet...
CVE-2013-4925
Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted packet...
CVE-2013-4925
Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted packet...
CVE-2013-4925
Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a crafted packet...
CVE-2013-4927
Integer signedness error in the gettypelength function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service loop and CPU consumption via a crafted packet...
CVE-2013-4927
Integer signedness error in the gettypelength function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service loop and CPU consumption via a crafted packet...
CVE-2013-2028
The ngxhttpparsechunked function in http/ngxhttpparse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service crash and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based...
CVE-2013-2028
The CVE-2013-2028 issue affects nginx 1.3.9–1.4.0, where the ngx_http_parse_chunked function mishandles large chunk sizes in chunked Transfer-Encoding. The root cause is an integer signedness error that leads to a stack-based buffer overflow, enabling remote denial of service and potential code e...