CVE-2016-4421

Wireshark CVE-2016-4421 affects the ASN.1 BER dissector (epan/dissectors/packet-ber.c). Versions 1.12.x before 1.12.10 and 2.x before 2.0.2 are vulnerable to remote DoS via a packet with deeply nested data, caused by deep recursion and stack/resource depletion leading to an application crash. The...

CVE-2016-4421

epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service deep recursion, stack consumption, and application crash via a packet that specifies deeply nested data...

CVE-2016-3075

Stack-based buffer overflow in the nssdns implementation of the getnetbyname function in GNU C Library aka glibc before 2.24 allows context-dependent attackers to cause a denial of service stack consumption and application crash via a long name...

CVE-2008-4482

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service stack consumption and crash via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file...

CVE-2009-0605

Stack consumption vulnerability in the dopagefault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service memory corruption or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registered...

CVE-2015-6806

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service stack consumption via an escape sequence with a large repeat count value...

Code injection

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service stack consumption via an escape sequence with a large repeat count value...

CVE-2015-6806

CVE-2015-6806 affects GNU Screen 4.3.1 and earlier; root cause is MScrollV recursion not properly limited in ansi.c, enabling denial of service via a large repeat-count escape sequence (stack consumption). Public advisories across distros (Ubuntu USN-3996-1, openSUSE/openSUSE-2019-1485, SUSE-SU-2...

CVE-2015-6806

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service stack consumption via an escape sequence with a large repeat count value...

Stack overflow

Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...

CVE-2015-2779

Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...

Oracle Solaris Third-Party Patch Update : perl (cve_2014_4330_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many...

GLSA-201412-14 : Xfig: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201412-14 Xfig: User-assisted execution of arbitrary code A stack-based buffer overflow and a stack consumption vulnerability have been found in Xfig. Impact : A remote attacker could entice a user to open a specially crafted file...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-2376-1)

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service system crash or possibly execute arbitrary code via specially crafted devices. CVE-2014-3181 Ben Hawkes reported...

Updated perl packages fix CVE-2014-4330

Updated perl package fixes security vulnerability: The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which trigge...

CVE-2014-4330

The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DDdump...

Design/Logic Flaw

The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DDdump...

CVE-2014-4330

The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DDdump...

CVE-2014-5471

Stack consumption vulnerability in the parserockridgeinodeinternal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service uncontrolled recursion, and system crash or reboot via a crafted iso9660 image with a CL entry referring to a directory...

CVE-2014-5471

Stack consumption vulnerability in the parserockridgeinodeinternal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service uncontrolled recursion, and system crash or reboot via a crafted iso9660 image with a CL entry referring to a directory...