CVE-2011-0654

CVE-2011-0654 describes an integer underflow in BowserWriteErrorLogEntry within the CIFS browser service (Mrxsmb.sys/bowser.sys) used by Active Directory; a malformed BROWSER ELECTION message can trigger a heap-based buffer overflow. Affected products include Windows XP SP2/SP3, Windows Server 20...

SuSE 11 Security Update : OpenOffice_org (SAT Patch Number 1258)

This update of OpenOffice.org fixes potential buffer overflow in EMF parser code enhwmf.cxx, emfplus.cxx Thanks to Petr Mladek. Additionally Secunia reported an integer underflow CVE-2009-0200 and a buffer overflow CVE-2009-0201 that could be triggered while parsing Word documents. Also provides...

CVE-2010-4529

Integer underflow in the irdagetsockopt function in net/irda/afirda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local users to obtain potentially sensitive information from kernel heap memory via an IRLMPENUMDEVICES getsockopt call...

Integer overflow

Integer underflow in the irdagetsockopt function in net/irda/afirda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local users to obtain potentially sensitive information from kernel heap memory via an IRLMPENUMDEVICES getsockopt call...

CVE-2010-4529

CVE-2010-4529 refers to an integer underflow in the irda_getsockopt function (net/irda/af_irda.c) of the Linux kernel prior to 2.6.37 on non-x86 platforms. This underflow could allow a local attacker to obtain potentially sensitive information from kernel heap memory via an IRLMP_ENUMDEVICES gets...

CVE-2010-4529

Integer underflow in the irdagetsockopt function in net/irda/afirda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local users to obtain potentially sensitive information from kernel heap memory via an IRLMPENUMDEVICES getsockopt call...

CVE-2010-4164

CVE-2010-4164 affects the Linux kernel prior to 2.6.36.2, where multiple integer underflows occur in the x25_parse_facilities function (net/x25/x25_facilities.c). This can allow a remote attacker to cause a denial of service (system crash) via malformed X.25 facility data (X25_FAC_CLASS_A/B/C/D)....

Microsoft PowerPoint Legacy File Parsing Memory Corruption (MS10-088; CVE-2010-2572)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file A remote code execution vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to an integer underflo...

SuSE 11 / 11.1 Security Update : freetype2 (SAT Patch Numbers 2914 / 2919)

This update of freetype2 fixes several vulnerabilities that could lead to remote system compromise by executing arbitrary code with user privileges : - stack-based buffer overflow while processing CFF opcodes. CVE-2010-1797 - integer underflow. CVE-2010-2497 - invalid free. CVE-2010-2498 - buffer...

CVE-2010-3805

Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving WebSockets. NOTE: this may overlap...

CVE-2010-3805

Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving WebSockets. NOTE: this may overlap...

CVE-2010-3805

Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service application crash via vectors involving WebSockets. NOTE: this may overlap...

CVE-2010-3805

The CVE-2010-3805 entry concerns Apple Safari/WebKit. Affected: Safari/WebKit prior to 5.0.3 on Mac OS X 10.5–10.6 and Windows, and prior to 4.1.3 on Mac OS X 10.4. Description: an integer underflow in WebKit via WebSockets allows a remote attacker to execute arbitrary code or cause an applicatio...

CVE-2010-2573

Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Integer Underflow Causes Heap Corruption Vulnerability."...

CVE-2010-2573

Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Integer Underflow Causes Heap Corruption Vulnerability."...

CVE-2010-2573

CVE-2010-2573 is a PowerPoint remote-code-execution vulnerability caused by an integer underflow while parsing PowerPoint files. Affected are Microsoft PowerPoint 2002 SP3, 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac. Microsoft’s MS10-088 security bulletin provides a patch for the vu...

Microsoft PowerPoint Integer Underflow Heap Corruption (MS10-088; CVE-2010-2573)

Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote code execution vulnerability has been identified in Microsoft PowerPoint. The vulnerability is due to an integer underflow in Microsoft PowerPoint that fails to properly parse specially crafted...

MS10-088: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386)

The remote Windows host is running a version of Microsoft PowerPoint that is affected by several vulnerabilities : - A buffer overflow exists in the way the application parses the PowerPoint file format, which can be abused to execute arbitrary code if an attacker can trick a user into opening a...

SuSE 10 Security Update : freetype2 (ZYPP Patch Number 7121)

This update of freetype2 fixes several vulnerabilities that could lead to remote system compromise by executing arbitrary code with user privileges : - stack-based buffer overflow while processing CFF opcodes. CVE-2010-1797 - integer underflow. CVE-2010-2497 - invalid free. CVE-2010-2498 - buffer...

Secunia Research: Microsoft Outlook Content Parsing Integer Underflow Vulnerability

====================================================================== Secunia Research 14/09/2010 - Microsoft Outlook Content Parsing Integer Underflow Vulnerability - ====================================================================== Table of Contents Affected...