113 matches found
EulerOS 2.0 SP2 : java-1.7.0-openjdk (EulerOS-SA-2018-1059)
According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java...
OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)
Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...
CVE-2017-14988
Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe tha...
USN-3422-1 linux vulnerabilities
It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...
CVE-2017-9778
GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB...
Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update
An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2013-4933
The netmonopen function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service application crash via a crafted packet-trace file...
CVE-2012-1867
CVE-2012-1867 is a local privilege-escalation flaw in Windows where an integer overflow in win32k.sys (font resource handling) could allow a local attacker to gain SYSTEM-level privileges via a crafted TrueType font. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows V...
CVE-2010-0025
The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read fragments of e-mail messages by sending a series of...
PT-2009-4909 · Microsoft · 2007 Microsoft Office System +26
Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer 6 SP1 Windows XP SP2 and SP3 Office XP SP3 Office 2003 SP3 2007 Microsoft Office System SP1 and SP2 Office Project 2002 SP1 Visio 2002 SP2 Office Word Viewer Word Viewer 2003 Gold and SP3 Office Excel Viewer 2003...
CVE-2008-0120
Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with a malformed picture index that triggers memory corruption, related to handling of CString objects, aka "Memory Allocation Vulnerability."...
CVE-2008-0120
CVE-2008-0120 concerns Microsoft PowerPoint Viewer 2003. The issue is an integer overflow in the handling of embedded CString objects within a PowerPoint file’s picture index, leading to remote code execution if a user opens a malformed file. Technical sources (NVD, SAINT/OSVDB mirrors, and OpenV...
Important: Red Hat Security Advisory: perl security update
Updated Perl packages that fix security issues for Red Hat Application Stack v1.2 are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration utilities an...