4765 matches found
RealNetworks RealPlayer MPG Width Integer Underflow Memory Corruption - ver 2 (CVE-2011-4259)
An memory corruption vulnerability has been reported in RealNetworks RealPlayer. The vulnerability is due to an integer underflow condition caused while handling MPEG-2 files with a specially crafted width parameter. A remote attacker may exploit this issue by enticing a target user to open a...
CVE-2014-9376
Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service out-of-bounds write and possibly execute arbitrary code via a small 1 size variable value in the dissectordhcp function in dissectors/ecdhcp.c, 2 length value to the dissectorgg function in dissectors/ecgg.c,...
CVE-2014-9376
Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service out-of-bounds write and possibly execute arbitrary code via a small 1 size variable value in the dissectordhcp function in dissectors/ecdhcp.c, 2 length value to the dissectorgg function in dissectors/ecgg.c,...
CVE-2014-9376
Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service out-of-bounds write and possibly execute arbitrary code via a small 1 size variable value in the dissectordhcp function in dissectors/ecdhcp.c, 2 length value to the dissectorgg function in dissectors/ecgg.c,...
CVE-2014-9376
Integer underflow in Ettercap 0.8.1 allows remote attackers to cause a denial of service out-of-bounds write and possibly execute arbitrary code via a small 1 size variable value in the dissectordhcp function in dissectors/ecdhcp.c, 2 length value to the dissectorgg function in dissectors/ecgg.c,...
CVE-2014-9376
The CVE-2014-9376 entry refers to Ettercap (0.8.x) with an Integer underflow in dissector_dhcp (and related checks in dissector_gg, ec_utils, TN3270) causing a potential out-of-bounds write, denial of service and possible code execution. Public advisories (Gentoo GLSA 201505-01 and Fedora/Nessus ...
Linux Kernel SCTP Handshake Denial of Service (CVE-2014-0101)
An integer underflow has been found in the SCTP networking module of the Linux kernel. The vulnerability is due to a boundary check error. A remote attacker can exploit this vulnerability by sending crafted SCTP packets to a vulnerable system. A successful attack will prevent further SCTP...
CVE-2014-9087
Integer underflow in the ksbaoidtostr function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service crash via a crafted OID in a 1 S/MIME message or 2 ECC based OpenPGP data, which triggers a buffer overflow...
CVE-2014-9087
Integer underflow in the ksbaoidtostr function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service crash via a crafted OID in a 1 S/MIME message or 2 ECC based OpenPGP data, which triggers a buffer overflow...
CVE-2014-9087
Integer underflow in the ksbaoidtostr function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service crash via a crafted OID in a 1 S/MIME message or 2 ECC based OpenPGP data, which triggers a buffer overflow...
CVE-2014-9087
CVE-2014-9087: Libksba’s ksba_oid_to_str() has an integer underflow pre-1.3.2, used by GnuPG, enabling a crafted OID in S/MIME or ECC OpenPGP data to trigger a crash (DoS) or potential overflow. Affected: Libksba/libksba_oid_to_str; Fix: upgrade to Libksba 1.3.2 or newer. No exploit details in pr...
Debian DSA-3078-1 : libksba - security update
An integer underflow flaw, leading to a heap-based buffer overflow, was found in the ksbaoidtostr function of libksba, an X.509 and CMS PKCS7 library. By using special crafted S/MIME messages or ECC based OpenPGP data, it is possible to create a buffer overflow, which could cause an application...
[SECURITY] [DSA 3078-1] libksba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3078-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 27, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3078-1] libksba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3078-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso November 27, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3078-1 (libksba - security update)
An integer underflow flaw, leading to a heap-based buffer overflow, was found in the ksbaoidtostr function of libksba, an X.509 and CMS PKCS7 library. By using special crafted S/MIME messages or ECC based OpenPGP data, it is possible to create a buffer overflow, which could cause an application...
CVE-2014-9087
Integer underflow in the ksbaoidtostr function in Libksba before 1.3.2, as used in GnuPG, allows remote attackers to cause a denial of service crash via a crafted OID in a 1 S/MIME message or 2 ECC based OpenPGP data, which triggers a buffer overflow...
CVE-2014-8767
Integer underflow in the olsrprint function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service crash via a crafted length value in an OLSR frame...
CVE-2014-8767
Integer underflow in the olsrprint function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service crash via a crafted length value in an OLSR frame...
Integer overflow
Integer underflow in the olsrprint function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service crash via a crafted length value in an OLSR frame...
CVE-2014-8767
Integer underflow in the olsrprint function in tcpdump 3.9.6 through 4.6.2, when in verbose mode, allows remote attackers to cause a denial of service crash via a crafted length value in an OLSR frame...