Lucene search
+L

232 matches found

Debian CVE
Debian CVE
added 2007/12/03 10:0 p.m.49 views

CVE-2007-6203

Apache HTTP Server 2.0.x and 2.2.x does not sanitize the HTTP Method specifier header from an HTTP request when it is reflected back in a "413 Request Entity Too Large" error message, which might allow cross-site scripting XSS style attacks using web client components that can send arbitrary...

4.3CVSS5.6AI score0.80749EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/11/08 12:0 a.m.30 views

GLSA-200711-09 : MadWifi: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200711-09 MadWifi: Denial of Service Clemens Kolbitsch and Sylvester Keil reported an error when processing beacon frames with an overly large 'length' value in the 'xrates' element. Impact : A remote attacker could act as an acce...

4.3CVSS5.6AI score0.01968EPSS
Exploits0References2
Prion
Prion
added 2007/06/26 10:30 p.m.24 views

Integer overflow

Integer signedness error in the gssrpcsvcauthunix function in svcauthunix.c in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value...

8.3CVSS7.4AI score0.03479EPSS
Exploits1References49Affected Software3
NVD
NVD
added 2007/06/26 10:30 p.m.21 views

CVE-2007-2443

Integer signedness error in the gssrpcsvcauthunix function in svcauthunix.c in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value...

8.3CVSS7.3AI score0.03479EPSS
Exploits1References49
UbuntuCve
UbuntuCve
added 2007/06/26 10:30 p.m.32 views

CVE-2007-2443

Integer signedness error in the gssrpcsvcauthunix function in svcauthunix.c in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value...

8.3CVSS7.5AI score0.03479EPSS
Exploits1References2
Cvelist
Cvelist
added 2007/06/26 10:0 p.m.27 views

CVE-2007-2443

Integer signedness error in the gssrpcsvcauthunix function in svcauthunix.c in the RPC library in MIT Kerberos 5 krb5 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value...

9.5AI score0.03479EPSS
Exploits1References49
Prion
Prion
added 2007/03/30 1:19 a.m.27 views

Integer overflow

Integer overflow in the zipreadentry function in PHP 4 before 4.4.5 allows remote attackers to execute arbitrary code via a ZIP archive that contains an entry with a length value of 0xffffffff, which is incremented before use in an emalloc call, triggering a heap overflow...

7.5CVSS8.1AI score0.15328EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2006/10/27 11:7 p.m.1 views

DEBIAN-CVE-2006-4805

epan/dissectors/packet-xot.c in the XOT dissector dissectxotpdu in Wireshark formerly Ethereal 0.9.8 through 0.99.3 allows remote attackers to cause a denial of service memory consumption and crash via an encoded XOT packet that produces a zero length value when it is decoded...

5CVSS7.2AI score0.04059EPSS
Exploits0References1
Cvelist
Cvelist
added 2006/09/09 12:0 a.m.25 views

CVE-2006-4662

Heap-based buffer overflow in the MCRegExSearch function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value TLV type...

8.1AI score0.06154EPSS
Exploits0References8
Cvelist
Cvelist
added 2005/10/11 4:0 a.m.23 views

CVE-2005-2128

QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value...

6.6AI score0.40492EPSS
Exploits0References15
UbuntuCve
UbuntuCve
added 2005/03/14 5:0 a.m.36 views

CVE-2005-0504

Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver moxa.c in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value...

4.6CVSS6.3AI score0.00576EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2005/03/01 7:1 p.m.7 views

security flaw

Heap-based buffer overflow in the UTF8ToNewUnicode function for Firefox before 1.0.1 and Mozilla before 1.7.6 might allow remote attackers to cause a denial of service crash or execute arbitrary code via invalid sequences in a UTF8 encoded string that result in a zero length value...

7.5CVSS6.4AI score0.03861EPSS
Exploits0References4
Rows per page
Query Builder