58 matches found
kernel: Buffer overflow in hidp_process_report
A buffer overflow due to a singed-unsigned comparsion was found in hidpprocessreport in the net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service...
CVE-2018-9363
A buffer overflow due to a singed-unsigned comparsion was found in hidpprocessreport in the net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service...
DEBIAN-CVE-2018-14600
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write of up to 128 bytes, leading to DoS or remote code execution...
DEBIAN-CVE-2014-8129
LibTIFF 4.0.3 allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tifnext.c to verify that the BitsPerSample value is 2, and the t2psamplelabsignedtounsigned function in tiff2pdf...
DEBIAN-CVE-2017-9951
The tryreadcommand function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service segmentation fault via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerabili...
ALPINE-CVE-2017-9951
The tryreadcommand function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service segmentation fault via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerabili...
UBUNTU-CVE-2017-9951
The tryreadcommand function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service segmentation fault via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerabili...
mpg123 signed-unsigned conversion vulnerability
Integer sign mismatch error on ID3 MP3 tags parsing...
CVE-2007-2867
Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service crash via vectors related to dangling pointer...
Heap overflow
Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service crash via vectors related to dangling pointer...
gnupg/gpgme signed message spoofing
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection...
DEBIAN-CVE-2007-1263
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection...
Multiple FreeBSD kernel integer overflow
Integer overflow and signed/unsigned conversion problems in i386setldt...
[Full-disclosure] RealVNC 4.1.2 minor heap corruption/DoS vulnerability (authentication required)
This vulnerability affects the latest version of RealVNC 4.1.2 on all platforms. It is tested on Windows. To exploit the vulnerability, the attacker must either control a connected and authenticated client connected to a vulnerable VNC server or control a VNC server with at least one vulnerable...
security flaw
The procfs code procmisc.c in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value...
Remote Linux Kernel < 2.4.21 DoS in XDR routine.
Hello all, I have discovered a signed/unsigned issue in a routine responsible for demarshalling XDR data for NFSv3 procedure calls. As far as I can tell, this bug has existed since NFSv3 support was integrated. It has been silently fixed in 2.4.21. The bug is in the decodefh routine of...
Signed/unsigned conversion bug in wwwoffled
Content-Length integer type bug...
Ошибки в sendmail debug (signed/unsigned)
при использовании ключа -d используется знаковое число после присвоения ему беззнакового значения в качестве индекса массива, что позволяет адресовать отрицательное смещение...