Embedthis Software Appweb Denial of Service Vulnerability
Embedthis Software AppWeb is a fast and small web server from Embedthis Software, USA, which is used for embedded applications, appliances and web services and supports security defense policies, digest authentication, virtual hosting and more. A security vulnerability exists in Embedthis...
Null pointer dereference
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument...
libtasn1: asn1_read_value_type() NULL pointer dereference
The (1) asn1_read_value_type and (2) asn1_read_value functions in GNU Libtasn1 before 3.6 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and crash) via a NULL value in an ivalue argument...
CVE-2013-0191
libpam-pgsql (aka pam_pgsql) 0.7 does not properly handle a NULL value returned by the password search query, which allows remote attackers to bypass authentication via a crafted password...
CVE-2013-4143
The (1) checkPasswd and (2) checkGroupXlockPasswds functions in xlockmore before 5.43 do not properly handle when a NULL value is returned upon an error by the crypt or dispcrypt function as implemented in glibc 2.17 and later, which allows attackers to bypass the screen lock via vectors related to...
CVE-2013-4122
Cyrus SASL 2.1.23, 2.1.26, and earlier does not properly handle when a NULL value is returned upon an error by the crypt function as implemented in glibc 2.17 and later, which allows remote attackers to cause a denial of service (thread crash and consumption) via (1) an invalid salt or, when FIPS-140...
CVE-2013-4122
CVE-2013-4122 affects Cyrus SASL 2.1.23, 2.1.26 and earlier. The root cause is incorrect handling of when a NULL value is returned on error by the crypt function in glibc 2.17+, enabling remote DoS via (1) invalid salt or (2) DES or (3) MD5 passwords when FIPS-140 is enabled, triggering a NULL po...
CVE-2013-1323
Microsoft Publisher 2003 SP3 does not properly handle NULL values for unspecified data items, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Incorrect NULL Value Handling Vulnerability."...
CVE-2013-1323
Microsoft Publisher (Office Publisher) Remote Code Execution vulnerability CVE-2013-1323 arises from incorrect NULL value handling when processing unspecified data items in Publisher files. Affected products, per sources, include Microsoft Publisher 2003 SP2/SP3, 2007 SP3, and 2010 SP1 (32/64‑bit...
CVE-2011-2518
The tomoyo_mount_acl function in security/tomoyo/mount.c in the Linux kernel before 2.6.39.2 calls the kern_path function with arguments taken directly from a mount system call, which allows local users to cause a denial of service (OOPS) or possibly have unspecified other impact via a NULL value for...
Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (1)
source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occurs in several methods in the java.util.zip class. The methods can be called with certain types of...
Sun JDK/SDK 1.3/1.4 / IBM JDK 1.3.1 / BEA Systems WebLogic 5/6/7 - java.util.zip Null Value Denial of Service (2)
source: https://www.securityfocus.com/bid/7109/info Several implementations of the Java Virtual Machine have been reported to be prone to a denial of service condition. This vulnerability occurs in several methods in the java.util.zip class. The methods can be called with certain types of...
OpenBSD 2.x/3.0 - User Mode Return Value Denial of Service
OpenBSD 2.x/3.0 - User Mode Return Value Denial of Service // source: https://www.securityfocus.com/bid/3612/info OpenBSD is a freely available implementation of the BSD Operating System. It is based on the NetBSD implementation. Under some conditions, an application launched by a regular user on...