CVE-2014-9670

Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...

CVE-2014-9670

Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...

CVE-2014-9670

CVE-2014-9670 : In FreeType before 2.5.4, multiple integer signedness errors in the pcf_get_encodings function (pcf/pcfread.c) can be triggered by a crafted PCF file with negative values for the first column and first row, enabling a remote attacker to cause a denial of service via integer overfl...

CVE-2014-10024

CVE-2014-10024 involves multiple integer signedness errors in DirectShowDemuxFilter, used by Divx Web Player, Divx Player, and other Divx plugins. The flaw arises when parsing the Stream Format (STRF) chunk in an AVI file, where a negative or excessively large value can trigger a heap-based buffe...

CVE-2014-10024

Multiple integer signedness errors in DirectShowDemuxFilter, as used in Divx Web Player, Divx Player, and other Divx plugins, allow remote attackers to execute arbitrary code via a 1 negative or 2 large value in a Stream Format STRF chunk in an AVI file, which triggers a heap-based buffer overflo...

CVE-2014-2977

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

Design/Logic Flaw

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

CVE-2014-2977 in DirectFB (Dispatch_Write in proxy/dispatcher/idirectfbsurface_dispatcher.c) allows remote attackers to cause a denial of service (crash) and possibly execute code via the Voodoo interface; CVE-2014-2978 is an out-of-bounds write in the same area. Connected advisories confirm thes...

PHP 5.5.x < 5.5.9 Multiple Vulnerabilities (May 2014)

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; ifdescription...

CVE-2013-7328

CVE-2013-7328 affects PHP 5.5.x before 5.5.9 due to multiple integer signedness errors in the gdImageCrop function (ext/gd/gd.c). A remote attacker can trigger a denial of service (application crash) or information disclosure by calling imagecrop with a negative x or y dimension. The issue is tie...

CVE-2013-7328

Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service application crash or obtain sensitive information via an imagecrop function call with a negative value for the 1 x or 2 y dimension, a...

PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities

Binary data 8125.prm...

CVE-2013-6477

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...

CVE-2013-6477

Pidgin/libpurple prior to version 2.10.8 is vulnerable to a denial of service via a crafted timestamp in an XMPP message, caused by multiple integer signedness errors in the codepath handling XMPP timestamps. The issue is explicitly identified as CVE-2013-6477. Connected advisories show that the ...

CVE-2013-6477

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...

CVE-2013-6477

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...

pidgin: DoS when handling timestamps in the XMPP plugin

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...

CVE-2011-4971

Multiple integer signedness errors in the 1 processbinsaslauth, 2 processbincompletesaslauth, 3 processbinupdate, and 4 processbinappendprepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service crash via a large body length value in a packet...