Lucene search
K

162 matches found

OSV
OSV
added 2014/12/15 6:59 p.m.17 views

CVE-2014-1569

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long...

3.8AI score
Exploits0References15
Prion
Prion
added 2014/12/15 6:59 p.m.27 views

Design/Logic Flaw

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long...

7.5CVSS6.9AI score0.03182EPSS
Exploits4References15Affected Software1
OSV
OSV
added 2014/12/15 6:59 p.m.2 views

DEBIAN-CVE-2014-1569

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long...

7.5CVSS7.4AI score0.03182EPSS
Exploits4References1
OSV
OSV
added 2014/12/15 12:0 a.m.3 views

UBUNTU-CVE-2014-1569

The definitelengthdecoder function in lib/util/quickder.c in Mozilla Network Security Services NSS before 3.16.2.4 and 3.17.x before 3.17.3 does not ensure that the DER encoding of an ASN.1 length is properly formed, which allows remote attackers to conduct data-smuggling attacks by using a long...

7.5CVSS7.3AI score0.03182EPSS
Exploits4References7
OSV
OSV
added 2013/06/10 3:19 a.m.3 views

DEBIAN-CVE-2013-3670

The rleunpack function in vmdav.c in libavcodec in FFmpeg git 20130328 through 20130501 does not properly use the bytestream2 API, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted RLE data. NOTE: the vendor has listed this as ...

4.3CVSS7.1AI score0.01357EPSS
Exploits0References1
OSV
OSV
added 2013/03/09 11:55 a.m.2 views

DEBIAN-CVE-2013-2496

The msrledecode8162432 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via crafted...

7.5CVSS7.5AI score0.01371EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2011/07/27 12:0 a.m.4 views

PT-2011-3363 · Gnu +1 · Gimp +1

Name of the Vulnerable Software and Affected Versions: GIMP version 2.6.11 Description: The issue is related to a heap-based buffer overflow in the read channel data function in the Paint Shop Pro PSP plugin. This can be triggered by a PSP COMP RLE aka RLE compression image file that begins a lon...

7.5CVSS8AI score0.03425EPSS
Exploits0References7
Check Point Advisories
Check Point Advisories
added 2011/02/23 12:0 a.m.8 views

Adobe Reader Image Texture Malformed IFF File Memory Corruption (APSB11-03; CVE-2011-0590)

A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. Adobe Acrobat and Reader products include a plugin to parse the 3D image files inside PDF documents. PDF files can include 3D images in Universal 3D format that can link to external image files, such as an Interchange...

9.3CVSS7.1AI score0.06417EPSS
Exploits0
Prion
Prion
added 2011/01/07 7:0 p.m.18 views

Buffer overflow

Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...

9.3CVSS8.6AI score0.28983EPSS
Exploits1References22Affected Software1
UbuntuCve
UbuntuCve
added 2011/01/07 7:0 p.m.24 views

CVE-2010-4538

Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...

9.3CVSS7.2AI score0.28983EPSS
Exploits1References1
Cvelist
Cvelist
added 2011/01/07 6:0 p.m.25 views

CVE-2010-4538

Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...

7.7AI score0.28983EPSS
Exploits1References22
Debian CVE
Debian CVE
added 2011/01/07 6:0 p.m.37 views

CVE-2010-4538

Buffer overflow in the sectenttecdmxda function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding RLE compression...

9.3CVSS7.9AI score0.28983EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2010/02/09 12:0 a.m.6 views

PT-2010-2050 · Microsoft · Directshow +8

Name of the Vulnerable Software and Affected Versions: Microsoft DirectX versions prior to the fixed version Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 and SP3 Microsoft Windows Server 2003 SP2 Microsoft Windows Vista Gold, SP1, and SP2 Microsoft Windows Server 2008 Gold, SP2, and R2...

9.3CVSS7.7AI score0.31862EPSS
Exploits1References10
Check Point Advisories
Check Point Advisories
added 2009/10/15 12:0 a.m.8 views

Microsoft GDI+ TIFF Memory Corruption (MS09-062; CVE-2009-2503)

The Microsoft Windows graphics device interface GDI enables applications to use graphics and formatted text on the video display and on the printer.A remote code execution vulnerability has been discovered in the way that GDI+ allocates memory.The vulnerability is due to the way that GDI+ renders...

9.3CVSS9.2AI score0.22205EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2008/10/10 7:42 a.m.1 views

CUPS: SGI image parser heap-based buffer overflow

Heap-based buffer overflow in the readrle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded RLE data containing a small image and a large row count...

7.5CVSS7.9AI score0.04403EPSS
Exploits0References4
NVD
NVD
added 2008/04/04 5:44 p.m.20 views

CVE-2008-1021

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding...

6.8CVSS7.6AI score0.06947EPSS
Exploits1References9
Prion
Prion
added 2008/04/04 5:44 p.m.18 views

Heap overflow

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding...

6.8CVSS8.2AI score0.06947EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2008/04/04 5:0 p.m.24 views

CVE-2008-1021

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding...

7.6AI score0.06947EPSS
Exploits1References9
securityvulns
securityvulns
added 2007/12/06 12:0 a.m.115 views

Opera 9.50 beta and prior remote DoS (freeze)

Name : Opera 9.50 beta / 9.24 Remote DoS Type : Remote DoS Credits: Gynvael Coldwind of Vexillium & Simey Impact : Low Short description Opera is vulnerable to a remote DoS attack, using spacially crafted BMP files, that causes the browser to freeze for a short amount of time around 4 minutes on...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/08/28 11:41 a.m.4 views

Multiple libtiff flaws (CVE-2006-3460 CVE-2006-3461 CVE-2006-3462 CVE-2006-3463 CVE-2006-3464 CVE-2006-3465)

Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library libtiff before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images...

7.8CVSS7.9AI score0.05665EPSS
Exploits1References4
Rows per page
Query Builder