Heap overflow

Integer underflow in OpenOffice.org OOo before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow...

CVE-2009-0200

Integer underflow in OpenOffice.org OOo before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow...

Secunia Research: OpenOffice.org Word Document Table Parsing Integer Underflow

====================================================================== Secunia Research 01/09/2009 - OpenOffice.org Word Document Table Parsing Integer Underflow - ====================================================================== Table of Contents Affected...

CVE-2008-6995

Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service browser crash via a URI with an invalid handler followed by a "%" percent character, which triggers a buffer over-read, as demonstrated using an "about:%" URI...

CVE-2008-6995

Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service browser crash via a URI with an invalid handler followed by a "%" percent character, which triggers a buffer over-read, as demonstrated using an "about:%" URI...

CVE-2008-6995

Removed by vendor...

kernel: e1000_clean_rx_irq() denial of service

Integer underflow in the e1000cleanrxirq function in drivers/net/e1000/e1000main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet aka e1000 before 7.5.5 allows remote attackers to cause a denial of service panic via a...

VLC Media Player < 1.0.1 real_get_rdt_chunk() Function Overflow

The version of VLC media player installed on the remote host is earlier than 1.0.1. Such versions contain an integer underflow involving the integer 'size' in the 'realgetrdtchunkheader' function that can be triggered when reading Real Data Transport RDT chunk headers. This 'size' variable is use...

python: Potential integer underflow and overflow in the PyOS_vsnprintf C API function

Multiple integer overflows in the PyOSvsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service memory corruption or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of...

python: Potential integer underflow and overflow in the PyOS_vsnprintf C API function

Multiple integer overflows in the PyOSvsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service memory corruption or have unspecified other impact via crafted input to string formatting operations. NOTE: the handling of...

[Full-disclosure] [DZC-2009-001] The Movie Player and VLC Media Player Real Data Transport parsing integer underflow.

Advisory: The Movie Player and VLC Media Player Real Data Transport parsing integer underflow. Affected products: The Movie player svn r29438 1 VLC media player = 1.0.0 2 Possible others applications that use the xine lib code 3. Discovred by: tixxDZ tixxdz at gmail dot com DZCORE Labs, Algeria...

python security update

2.3.4-14.7.el48.2 - Fix all of the low priority security bugs: - Resolves: rhbz486329 - Multiple integer overflows in python core CVE-2008-2315 - Resolves: 455008 - PyStringFromStringAndSize does not check for negative size values CVE-2008-1887 - Resolves: 443810 - Multiple integer overflows...

CVE-2009-2547

Integer underflow in Armed Assault aka ArmA 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service crash via a VoIP over Network VON packet to port 2305 with a negative packetsize value, which triggers a buffer over-read...

Apache APR-Utils Multiple Denial of Service Vulnerabilities

Apache APR-Utils is prone to multiple denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2009-1385

Integer underflow in the e1000cleanrxirq function in drivers/net/e1000/e1000main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet aka e1000 before 7.5.5 allows remote attackers to cause a denial of service panic via a...

CVE-2009-1385

CVE-2009-1385 describes an integer underflow in the e1000/e1000e drivers of the Linux kernel (drivers/net/e1000/e1000_main.c) that can be triggered by a crafted frame size. Affects Linux kernel versions before 2.6.30-rc8 (and the e1000e driver) and Intel Wired Ethernet (e1000) before 7.5.5. Explo...

CVE-2009-0010

Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple QuickTime before 7.6.2, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a PICT image with a crafted 0x77 Poly tag and a crafted length field, whi...

CVE-2009-0155

Integer underflow in CoreGraphics in Apple Mac OS X 10.5 before 10.5.7, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF file that triggers a heap-based...

CVE-2009-0010

CVE-2009-0010 is a QuickTime/Apple QuickDraw vulnerability affecting Apple QuickTime and Mac OS X. The issue is a heap-based buffer overflow in parsing PICT images, triggered by a crafted 0x77 Poly tag length, which can lead to remote code execution or a crash. Public disclosures cite affected pr...

CVE-2009-0010

Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple QuickTime before 7.6.2, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a PICT image with a crafted 0x77 Poly tag and a crafted length field, whi...