1012 matches found
CVE-2012-2088
Integer signedness error in the TIFFReadDirectory function in tifdirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion betwe...
Apple QuickTime QTVRStringAtom stringLength Parameter QTVR Movie File Handling
Added: 07/16/2012 CVE: CVE-2012-0667 BID: 53583 OSVDB: 81938 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to remote code execution if the user is persuaded to open a specially crafted QTVR movie file. Th...
Apple QuickTime QTVRStringAtom stringLength Parameter QTVR Movie File Handling
Added: 07/16/2012 CVE: CVE-2012-0667 BID: 53583 OSVDB: 81938 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to remote code execution if the user is persuaded to open a specially crafted QTVR movie file. Th...
Apple QuickTime QTVRStringAtom stringLength Parameter QTVR Movie File Handling
Added: 07/16/2012 CVE: CVE-2012-0667 BID: 53583 OSVDB: 81938 Background QuickTime is a media player for Windows and Mac OS platforms. Problem Apple QuickTime 7.7.1 and earlier versions are vulnerable to remote code execution if the user is persuaded to open a specially crafted QTVR movie file. Th...
Medium: lighttpd
Issue Overview: Integer signedness error in the base64decode function in the HTTP authentication functionality httpauth.c in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service segmentation fault via crafted base64 input that triggers a...
RedHat Update for openoffice.org RHSA-2011:0183-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2012-3368
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...
CVE-2012-3368
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...
CVE-2012-3368
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...
CVE-2012-3368
CVE-2012-3368 affects dtach 0.8 due to an integer signedness error in attach.c that can allow remote disclosure of daemon stack memory after an improper connection-close, demonstrated by using an IRC client in dtach. Exploitation context is opportunistic and requires a specific sequence; no in‑do...
CVE-2012-3368
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...
CVE-2012-3368
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...
CVE-2012-2088
Integer signedness error in the TIFFReadDirectory function in tifdirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion betwe...
CVE-2011-2208
Integer signedness error in the osfgetdomainname function in arch/alpha/kernel/osfsys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call...
CVE-2011-2208
The CVE-2011-2208 vulnerability affects the Linux kernel on the Alpha platform, caused by an integer signedness error in osf_getdomainname in arch/alpha/kernel/osf_sys.c. It allows local users to access sensitive kernel memory. Impact is limited to local exploitation with partial confidentiality ...
CVE-2011-2208
Integer signedness error in the osfgetdomainname function in arch/alpha/kernel/osfsys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call...
CVE-2011-2209
Integer signedness error in the osfsysinfo function in arch/alpha/kernel/osfsys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call...
CVE-2011-2209
The CVE-2011-2209 issue affects the Linux kernel on the Alpha architecture, where an integer signedness error in osf_sysinfo (arch/alpha/kernel/osf_sys.c) could allow local users to obtain sensitive information from kernel memory via a crafted call. Vulnerable when using kernel versions before 2....
CVE-2011-2906
Integer signedness error in the pmcraidioctlpassthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service memory consumption or memory corruption via a negative size value in an ioctl call. NOTE: this may be a vulnerability only...
CVE-2011-3191
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service memory corruption or possibly have unspecified other impact via a large length value in a response to a read request for a directory...