Lucene search
K

633 matches found

securityvulns
securityvulns
added 2010/12/10 12:0 a.m.70 views

Mozilla Foundation Security Advisory 2010-75

Mozilla Foundation Security Advisory 2010-75 Title: Buffer overflow while line breaking after document.write with long string Impact: Critical Announced: December 9, 2010 Reporter: Dirk Heinrich Products: Firefox, Thunderbird, SeaMonkey Fixed in: Firefox 3.6.13 Firefox 3.5.16 Thunderbird 3.1.7...

9.3CVSS0.4AI score0.04618EPSS
Exploits0
Mozilla
Mozilla
added 2010/12/09 12:0 a.m.30 views

Buffer overflow while line breaking after document.write with long string — Mozilla

Dirk Heinrich reported that on Windows platforms when document.write was called with a very long string a buffer overflow was caused in line breaking routines attempting to process the string for display. Such cases triggered an invalid read past the end of an array causing a crash which an...

9.3CVSS1.9AI score0.04618EPSS
Exploits0References2Affected Software3
Tenable Nessus
Tenable Nessus
added 2010/11/24 12:0 a.m.33 views

FreeBSD : OpenTTD -- Denial of service (server/client) via invalid read (373e412e-f748-11df-96cd-0015f2db7bde)

The OpenTTD Team reports : When a client disconnects, without sending the 'quit' or 'client error' message, the server has a chance of reading and writing a just freed piece of memory. The writing can only happen while the server is sending the map. Depending on what happens directly after freein...

7.5CVSS7.2AI score0.03668EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2010/11/20 12:0 a.m.33 views

OpenTTD -- Denial of service (server/client) via invalid read

The OpenTTD Team reports: When a client disconnects, without sending the "quit" or "client error" message, the server has a chance of reading and writing a just freed piece of memory. The writing can only happen while the server is sending the map. Depending on what happens directly after freeing...

7.5CVSS6.3AI score0.03668EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2010/11/17 3:0 p.m.50 views

CVE-2010-4168

Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow 1 remote attackers to cause a denial of service invalid write and daemon crash by abruptly disconnecting during transmission of the map from the server, related to network/networkserver.cpp; 2 remote attackers to cause a...

7.5CVSS6.4AI score0.03668EPSS
Exploits0
NVD
NVD
added 2010/05/13 5:30 p.m.25 views

CVE-2010-0128

Integer signedness error in dirapi.dll in Adobe Shockwave Player before 11.5.7.609 and Adobe Director before 11.5.7.609 allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted .dir file that triggers an invalid read operation...

9.3CVSS7.7AI score0.04992EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2009/03/18 12:0 a.m.7 views

PT-2009-3521 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.27 through 2.6.27.13 Linux kernel versions 2.6.28 through 2.6.28.2 Linux kernel version 2.6.29-rc3 Description: The issue allows local users to cause a denial of service via a read with an invalid address to an inoti...

5.5CVSS5.1AI score0.0027EPSS
Exploits1References10
Tenable Nessus
Tenable Nessus
added 2008/09/26 12:0 a.m.28 views

GLSA-200809-17 : Wireshark: Multiple Denials of Service

The remote host is affected by the vulnerability described in GLSA-200809-17 Wireshark: Multiple Denials of Service The following vulnerabilities were reported: Multiple buffer overflows in the NCP dissector CVE-2008-3146. Infinite loop in the NCP dissector CVE-2008-3932. Invalid read in the...

10CVSS5.8AI score0.04036EPSS
Exploits0References5
Gentoo Linux
Gentoo Linux
added 2008/09/25 12:0 a.m.28 views

Wireshark: Multiple Denials of Service

Background Wireshark is a network protocol analyzer with a graphical front-end. Description The following vulnerabilities were reported: Multiple buffer overflows in the NCP dissector CVE-2008-3146. Infinite loop in the NCP dissector CVE-2008-3932. Invalid read in the tvbuncompress function when...

10CVSS6.9AI score0.04036EPSS
Exploits0
NVD
NVD
added 2008/09/04 7:41 p.m.19 views

CVE-2008-3933

Wireshark formerly Ethereal 0.10.14 through 1.0.2 allows attackers to cause a denial of service crash via a packet with crafted zlib-compressed data that triggers an invalid read in the tvbuncompress function...

3.3CVSS6AI score0.00623EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2007/07/17 12:30 a.m.38 views

CVE-2007-3806

The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initializati...

6.8CVSS6.3AI score0.10744EPSS
Exploits1References1
NVD
NVD
added 2007/07/17 12:30 a.m.23 views

CVE-2007-3806

The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to memory corruption or an invalid read on win32 platforms, and possibly related to lack of initializati...

6.8CVSS7.7AI score0.10744EPSS
Exploits1References18
Exploit DB
Exploit DB
added 2000/09/21 12:0 a.m.28 views

NetcPlus BrowseGate 2.80 - Denial of Service

source: https://www.securityfocus.com/bid/1702/info NetcPlus BrowseGate 2.80 will crash as the result of an invalid read error if a number of character strings consisting of 8 KB are inserted into GET request arguments through port 80. For example: GET / HTTP/1.0 Authorization: Basic8 KB string o...

7.4AI score
Exploits0
Rows per page
Query Builder