1012 matches found
CVE-2007-1730
Integer signedness error in the DCCP support in the dodccpgetsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service oops via a negative optlen value...
CVE-2007-1730
Integer signedness error in the DCCP support in the dodccpgetsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service oops via a negative optlen value...
CVE-2007-1730
CVE-2007-1730 is a local kernel vulnerability due to an integer signedness error in the DCCP path (do_dccp_getsockopt) affecting Linux kernels 2.6.20 and later. The flaw allows a local user to read kernel memory or trigger a denial of service via a negative optlen. This is confirmed by Red Hat CV...
CVE-2007-1730
Integer signedness error in the DCCP support in the dodccpgetsockopt function in net/dccp/proto.c in Linux kernel 2.6.20 and later allows local users to read kernel memory or cause a denial of service oops via a negative optlen value...
CVE-2007-1578
Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD mcrimap4.exe 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow...
CVE-2007-1578
CVE-2007-1578 : MERCUR IMAPD (Atrium MERCUR Messaging Server) is affected by multiple NTLMSSP-related memory corruption issues in the IMAP service’s NTLMSSP handling. The flaw is described as a stack-based buffer overflow triggered by a long NTLMSSP argument, allowing remote attackers to execute ...
CVE-2007-1578
Multiple integer signedness errors in the NTLM implementation in Atrium MERCUR IMAPD mcrimap4.exe 5.00.14, with SP4, allow remote attackers to execute arbitrary code via a long NTLMSSP argument that triggers a stack-based buffer overflow...
CVE-2006-7095
Integer signedness error in the networkreceivepacket function in socket.c in dimension 3 engine dim3 1.5 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a large datalen value, which is cast to a signed short and results in...
CVE-2006-6013
Integer signedness error in the fwioctl FWIOCTL function in the FireWire IEEE-1394 drivers dev/firewire/fwdev.c in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows...
CVE-2006-6013
Integer signedness error in the fwioctl FWIOCTL function in the FireWire IEEE-1394 drivers dev/firewire/fwdev.c in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows...
CVE-2006-6013
Integer signedness error in the fwioctl FWIOCTL function in the FireWire IEEE-1394 drivers dev/firewire/fwdev.c in various BSD kernels, including DragonFlyBSD, FreeBSD 5.5, MidnightBSD 0.1-CURRENT before 20061115, NetBSD-current before 20061116, NetBSD-4 before 20061203, and TrustedBSD, allows...
CVE-2006-6013
The CVE-2006-6013 issue affects the FireWire (IEEE-1394) driver fwdev.c in several BSDs, where in the FW_GCROM ioctl a signed integer comparison is used to compute the length of a buffer copied from kernel memory, effectively enabling a local user to read arbitrary kernel memory contents when cro...
CVE-2006-4516
Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service memory corruption and kernel panic via a PTLWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call...
CVE-2006-4516
CVE-2006-4516 affects FreeBSD 6.0-RELEASE. The kernel’s PT_LWPINFO ptrace handling has a signedness flaw: a large negative data value can bypass the signed check and be passed to copyout, causing memory corruption and kernel panic. Impact is a local denial-of-service condition. Described in iDefe...
CVE-2006-4178
Integer signedness error in the i386setldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service crash via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large length parameter, a...
CVE-2006-4178
CVE-2006-4178 is a local denial-of-service vulnerability in FreeBSD’s i386_set_ldt implementation. The issue arises from signedness in the i386_ldt handling: user-controlled start and num are added into a signed i, and if i becomes negative, bzero is invoked with a very large length, allowing a k...
CVE-2006-4178
Integer signedness error in the i386setldt call in FreeBSD 5.5, and possibly earlier versions down to 5.2, allows local users to cause a denial of service crash via unspecified arguments that use negative signed integers to cause the bzero function to be called with a large length parameter, a...
iDefense Security Advisory 09.23.06: FreeBSD i386_set_ldt Integer Signedness Vulnerability
FreeBSD i386setldt Integer Signedness Vulnerability iDefense Security Advisory 09.23.06 http://www.idefense.com/intelligence/vulnerabilities/ Sep 23, 2006 I. BACKGROUND FreeBSD is a modern operating system for x86, amd64, Alpha, IA-64, PC-98 and SPARC architectures. It's based on the UNIX operati...
Opera: Buffer overflow
Background Opera is a multi-platform web browser. Description SEC Consult has discovered a buffer overflow in the code processing style sheet attributes. It is caused by an integer signedness error in a length check followed by a call to a string function. It seems to be hard to exploit this buff...
Important: Red Hat Security Advisory: postgresql security update
Updated postgresql packages that fix several security vulnerabilities are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. PostgreSQL is an advanced Object-Relational database management syste...