4161 matches found
CVE-2014-8546
Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted Cinepak video data...
CVE-2014-8546
CVE-2014-8546 : FFmpeg contains an integer underflow in libavcodec/cinepak.c (pre-2.4.2) that can be exploited by remote attackers via crafted Cinepak data to cause a denial of service (out-of-bounds access). Affected product is FFmpeg prior to 2.4.2; remediation is to upgrade to FFmpeg 2.4.2 or ...
CVE-2014-8546
Integer underflow in libavcodec/cinepak.c in FFmpeg before 2.4.2 allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted Cinepak video data...
PT-2015-1015 · Openssl +8 · Openssl +12
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.8za OpenSSL versions prior to 1.0.0m OpenSSL versions prior to 1.0.1h Description: The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely,...
kernel, perf, python security update
CentOS Errata and Security Advisory CESA-2014:1167 Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System...
Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2333-1)
A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service system crash via an open system call. CVE-2014-0203 Toralf Forster reported an error in the Linux kernels syscall auditing on 32 bit...
Ubuntu 10.04 LTS : linux vulnerabilities (USN-2332-1)
A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service system crash via an open system call. CVE-2014-0203 Toralf Forster reported an error in the Linux kernels syscall auditing on 32 bit...
Ubuntu: Security Advisory (USN-2332-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2337-1: Linux kernel vulnerabilities
A flaw was discovered in the Linux kernel virtual machine's kvm validation of interrupt requests irq. A guest OS user could exploit this flaw to cause a denial of service host OS crash. CVE-2014-0155 Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket...
USN-2336-1: Linux kernel (Trusty HWE) vulnerabilities
A flaw was discovered in the Linux kernel virtual machine's kvm validation of interrupt requests irq. A guest OS user could exploit this flaw to cause a denial of service host OS crash. CVE-2014-0155 Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket...
USN-2334-1: Linux kernel vulnerabilities
An flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS. CVE-2014-3917 An information leak was discovered in the rdm...
USN-2333-1: Linux kernel (EC2) vulnerabilities
A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service system crash via an open system call. CVE-2014-0203 Toralf Förster reported an error in the Linux kernels syscall auditing on 32 bit...
USN-2332-1: Linux kernel vulnerabilities
A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service system crash via an open system call. CVE-2014-0203 Toralf Förster reported an error in the Linux kernels syscall auditing on 32 bit...
Kernel: filter: prevent nla extensions to peek beyond the end of the message
The 1 BPFSANCNLATTR and 2 BPFSANCNLATTRNEST extension implementations in the skrunfilter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service integer underflow and...
CVE-2014-1359
Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application...
CVE-2014-1359
CVE-2014-1359 affects Apple iOS < 7.1.2, OS X < 10.9.4, and Apple TV
tcpdump Print-bgp.C Remote Integer Underflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24965/info The 'tcpdump' utility is prone to an integer-underflow vulnerability because it fails to bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. An attacker can exploit th...
Linux Kernel 2.6.x IPTables Logging Rules Integer Underflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11488/info It is reported that an integer underflow vulnerability is present in the iptables logging rules of the Linux kernel 2.6 branch. A remote attacker may exploit this vulnerability to crash a computer that is runni...
File(1) <= 4.13 Command File_PrintF Integer Underflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23021/info The file1 command is prone to an integer-underflow vulnerability because the command fails to adequately handle user-supplied data. An attacker can leverage this issue to corrupt heap memory and execute arbitra...
Kernel: filter: prevent nla extensions to peek beyond the end of the message
The 1 BPFSANCNLATTR and 2 BPFSANCNLATTRNEST extension implementations in the skrunfilter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service integer underflow and...