1320 matches found
CVE-2012-3967
The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly interact with Mesa drivers, which allows...
Scientific Linux Security Update : apr on SL4.x, SL5.x, SL6.x i386/x86_64
It was discovered that the aprfnmatch function used an unconstrained recursion when processing patterns with the '' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching such as an httpd server using th...
Scientific Linux Security Update : php53 on SL5.x i386/x86_64
A flaw was found in the way PHP converted certain floating point values from string representation to a number. If a PHP script evaluated an attacker's input in a numeric context, the PHP interpreter could cause high CPU usage until the script execution time limit is reached. This issue only...
CentOS Update for php53 CESA-2011:0196 centos5 x86_64
Check for the Version of php53 OpenVAS Vulnerability Test CentOS Update for php53 CESA-2011:0196 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
UBUNTU-CVE-2012-3430
The rdsrecvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 recvfrom or 2 recvmsg system call on an RDS socket...
CVE-2012-3368
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...
CVE-2012-3368
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...
Integer overflow
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...
CVE-2012-3368
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...
CVE-2012-3368
Integer signedness error in attach.c in dtach 0.8 allows remote attackers to obtain sensitive information from daemon stack memory in opportunistic circumstances by reading application data after an improper connection-close request, as demonstrated by running an IRC client in dtach...
CVE-2012-3368
CVE-2012-3368 affects dtach 0.8 due to an integer signedness error in attach.c that can allow remote disclosure of daemon stack memory after an improper connection-close, demonstrated by using an IRC client in dtach. Exploitation context is opportunistic and requires a specific sequence; no in‑do...
ZDI-12-094 : RealNetworks Helix Server rn5auth Credential Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-094 : RealNetworks Helix Server rn5auth Credential Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-094 June 21, 2012 - -- CVE ID: CVE-2012-0942 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - --...
CVE-2011-1080
The doreplace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does not ensure that a certain name field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAPNETADMIN capability ...
RealNetworks Helix Server rn5auth Credential Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Real Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within rn4auth.dll, which is responsible for parsing authentication credentials. When the...
CVE-2011-2913
Off-by-one error in the CSoundFile::ReadAMS function in src/loadams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service stack memory corruption and possibly execute arbitrary code via a crafted AMS file with a large number of samples...
Memory corruption
Off-by-one error in the CSoundFile::ReadAMS function in src/loadams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service stack memory corruption and possibly execute arbitrary code via a crafted AMS file with a large number of samples...
CVE-2011-2913
Off-by-one error in the CSoundFile::ReadAMS function in src/loadams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service stack memory corruption and possibly execute arbitrary code via a crafted AMS file with a large number of samples...
CVE-2011-2913
CVE-2011-2913 is an off-by-one error in the CSoundFile::ReadAMS function (src/load_ams.cpp) in libmodplug before 0.8.8.4 that can be triggered by a crafted AMS file with a large number of samples, enabling denial of service (stack memory corruption) and potentially arbitrary code execution. Publi...
CVE-2011-2913
Off-by-one error in the CSoundFile::ReadAMS function in src/loadams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service stack memory corruption and possibly execute arbitrary code via a crafted AMS file with a large number of samples...
IBM Solid Database 6.5 < 6.5.0.8 Multiple Denial of Service Vulnerabilities
Binary data 6340.prm...