CVE-2007-1321

CVE-2007-1321 is a local heap-based buffer overflow in the QEMU NE2000 emulator (NE2000 network device) used by Xen and possibly other products. It stems from an integer signedness error that lets crafted register values bypass sanity checks and trigger overflow. Public references indicate relate...

CVE-2007-1321

Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier wa...

CVE-2007-1321

Integer signedness error in the NE2000 emulator in QEMU 0.8.2, as used in Xen and possibly other products, allows local users to trigger a heap-based buffer overflow via certain register values that bypass sanity checks, aka QEMU NE2000 "receive" integer signedness error. NOTE: this identifier wa...

openSUSE 10 Security Update : opera (opera-1313)

Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check. CVE-2006-1834 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

openSUSE 10 Security Update : freetype2 (freetype2-3701)

This update of freetype2 fixes an integer signedness bug when handling TTF images. This bug can lead to a heap overflow that can be exploited to execute arbitrary code. CVE-2007-2754 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

openSUSE 10 Security Update : freetype2 (freetype2-3744)

This update of freetype2 fixes an integer signedness bug when handling TTF images. This bug can lead to a heap overflow that can be exploited to execute arbitrary code. CVE-2007-2754 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

CVE-2007-5225

Integer signedness error in FIFO filesystems named pipes on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the IPEEK ioctl...

Integer overflow

Integer signedness error in FIFO filesystems named pipes on Sun Solaris 8 through 10 allows local users to read the contents of unspecified memory locations via a negative maximum length value to the IPEEK ioctl...

iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability

Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability iDefense Security Advisory 10.02.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 02, 2007 I. BACKGROUND Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at the...

CVE-2007-3965

Unspecified vulnerability in uFMOD before 1.2.5 has unknown impact and attack vectors, possibly related to malformed files, and possibly an integer signedness error for relative note instruments...

Integer overflow

Unspecified vulnerability in uFMOD before 1.2.5 has unknown impact and attack vectors, possibly related to malformed files, and possibly an integer signedness error for relative note instruments...

CVE-2007-3965

CVE-2007-3965 affects uFMOD prior to 1.2.5. The vulnerability is described as unspecified with unknown impact and attack vectors, and may relate to malformed files and a possible integer signedness error for relative note instruments. No concrete exploitation details, affected platforms beyond th...

CVE-2007-3965

Unspecified vulnerability in uFMOD before 1.2.5 has unknown impact and attack vectors, possibly related to malformed files, and possibly an integer signedness error for relative note instruments...

CVE-2007-3726

Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...

CVE-2007-3726

Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...

CVE-2007-3726

Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...

CVE-2007-3726

Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...

CVE-2007-3726

Integer signedness error in the SETVALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of service crash via a crafted RAR archive that causes a negative signed number to be cast to a large...

GLSA-200707-02 : OpenOffice.org: Two buffer overflows

The remote host is affected by the vulnerability described in GLSA-200707-02 OpenOffice.org: Two buffer overflows John Heasman of NGSSoftware has discovered a heap-based buffer overflow when parsing the 'prdata' tag in RTF files where the first token is smaller than the second one CVE-2007-0245...

CVE-2007-2443

Integer signedness error in the gssrpcsvcauthunix function in svcauthunix.c in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value...