OpenSSL 1.0.1 < 1.0.1c Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.1c. It is, therefore, affected by a vulnerability as referenced in the 1.0.1c advisory. - Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC...

OpenSSL 1.0.0 < 1.0.0j Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.0j. It is, therefore, affected by a vulnerability as referenced in the 1.0.0j advisory. - Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC...

Vulnerability in OpenSSL - Invalid TLS/DTLS record attack

An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled TLS 1.1, TLS 1.2, and DTLS Datagram Transport Layer Security application data record lengths when using a block cipher in CBC cipher-block chaining mode. A malicious TLS 1.1, TLS 1.2, or DTLS client or...

RealNetworks RealPlayer MPG Width Integer Underflow Memory Corruption (CVE-2011-4259)

An memory corruption vulnerability has been reported in RealNetworks RealPlayer. The vulnerability is due to an integer underflow condition caused while handling MPEG-2 files with a specially crafted width parameter. A remote attacker may exploit this issue by enticing a target user to open a...

CVE-2011-4031

Integer underflow in the asfrtpparsepacket function in libavformat/rtpdecasf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet...

CVE-2011-4031

Integer underflow in the asfrtpparsepacket function in libavformat/rtpdecasf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet...

CVE-2011-4031

CVE-2011-4031 affects FFmpeg/libavformat: an integer underflow in asfrtp_parse_packet (rtpdec_asf.c) allows remote code execution via a crafted ASF packet. Impacted software is FFmpeg before 0.8.3; the vulnerability is fixed in 0.8.3. Related advisories (Ubuntu USN, Red Hat, NVD) confirm the issu...

CVE-2011-4031

Integer underflow in the asfrtpparsepacket function in libavformat/rtpdecasf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet...

CVE-2011-4031

Integer underflow in the asfrtpparsepacket function in libavformat/rtpdecasf.c in FFmpeg before 0.8.3 allows remote attackers to execute arbitrary code via a crafted ASF packet...

wireshark: Heap-based buffer over-read in Visual Networks dissector

Integer underflow in the visualread function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service application crash via a malformed Visual Networks file that triggers a heap-based buffer over-read...

CVE-2012-0642

Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service device crash via a crafted catalog file in an HFS disk image...

CVE-2012-0642

Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service device crash via a crafted catalog file in an HFS disk image...

CVE-2012-0642

The CVE-2012-0642 entry concerns an integer underflow in Apple iOS prior to 5.1 related to handling of HFS catalog files inside an image. The vulnerability could allow a remote attacker to execute arbitrary code or cause a device crash via a crafted catalog file in an HFS disk image. Affected pro...

kernel: security and bugfix update. (important)

The openSUSE 11.4 kernel was updated to fix bugs and security issues. Following security issues have been fixed: CVE-2011-4604: If root does read on a specific socket, it's possible to corrupt kernel memory over network, with an ICMP packet, if the B.A.T.M.A.N. mesh protocol is used. CVE-2011-269...

Citrix Provisioning Services Opcode 40020006 Integer Underflow

Added: 01/20/2012 BID: 49803 Background Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk. Problem Citrix Provisioning Services 5.6 SP1 and prior are vulnerable to a remotely exploitable integer...

Citrix Provisioning Services Opcode 40020006 Integer Underflow

Added: 01/20/2012 BID: 49803 Background Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk. Problem Citrix Provisioning Services 5.6 SP1 and prior are vulnerable to a remotely exploitable integer...

Citrix Provisioning Services Opcode 40020006 Integer Underflow

Added: 01/20/2012 BID: 49803 Background Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk. Problem Citrix Provisioning Services 5.6 SP1 and prior are vulnerable to a remotely exploitable integer...

Citrix Provisioning Services Opcode 40020006 Integer Underflow

Added: 01/20/2012 BID: 49803 Background Citrix Provisioning Services dynamically provisions virtual servers to simplify and streamline server management, while reducing software rollout risk. Problem Citrix Provisioning Services 5.6 SP1 and prior are vulnerable to a remotely exploitable integer...

SuSE 11.1 Security Update : Mozilla Firefox (SAT Patch Number 5224)

Mozilla Firefox was updated to version 3.6.23, fixing various bugs and security issues. - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certai...

ZDI-11-331 : RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-11-331 : RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-331 November 28, 2011 - -- CVE ID: CVE-2011-4259 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...