75 matches found
CVE-2009-3431
Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service application crash via a PDF file with a large number of open...
Mandrake Security Advisory MDVSA-2009:223 (xerces-c)
The remote host is missing an update to xerces-c announced via advisory MDVSA-2009:223. OpenVAS Vulnerability Test $Id: mdksa2009223.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:223 xerces-c Authors: Thomas Reinke Copyright: Copyright c 2009 E-Sof...
[ MDVSA-2009:223 ] xerces-c
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:223 http://www.mandriva.com/security/ Package : xerces-c Date : August 30, 2009 Affected: 2008.1, 2009.0, 2009.1, Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected in...
CVE-2009-1885
Stack consumption vulnerability in validators/DTD/DTDScanner.cpp in Apache Xerces C++ 2.7.0 and 2.8.0 allows context-dependent attackers to cause a denial of service application crash via vectors involving nested parentheses and invalid byte values in "simply nested DTD structures," as demonstrat...
CVE-2009-1885
The CVE-2009-1885 entry concerns a stack-consumption vulnerability in Apache Xerces-C++ (validator DTDScanner.cpp) affecting Xerces-C++ 2.7.0 and 2.8.0, enabling a context-dependent DoS (crash) via deeply nested DTD structures and invalid byte values, as demonstrated by the XML fuzzing framework....
libxml -- Stack consumption vulnerability
Stack consumption vulnerability allows context-dependent attackers to cause a denial of service application crash via a large depth of element declarations in a DTD...
CVE-2009-0605
Stack consumption vulnerability in the dopagefault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service memory corruption or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registered...
CVE-2009-0605
CVE-2009-0605 is a Linux kernel vulnerability affecting the do_page_fault path in arch/x86/mm/fault.c, present in 2.6.x up to 2.6.28.5. A local user with a registered Kprobes probe can trigger page faults to cause memory exhaustion, enabling denial of service and potentially privilege gain. The f...
CVE-2009-0341
CVE-2009-0341 concerns Microsoft Internet Explorer 7.0 on Windows XP SP3, where the shell32 module may be vulnerable to an input element with an excessively long VALUE attribute. The NVD description indicates a possible remote code execution through this long VALUE attribute, potentially tied to ...
CVE-2008-1689
Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service daemon crash via a long request header in an HTTP request to TCP port 801. NOTE: some of these details are obtained from third party...
CVE-2008-1689
CVE-2008-1689 is a stack consumption vulnerability affecting WebContainer.exe up to version 1.0.0.336 and SLMail Pro up to 6.3.1.0. A remote attacker can cause a denial of service (daemon crash) by sending a long request header in an HTTP request to TCP port 801. The provided documents identify t...
Stack overflow
Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service daemon crash via a certain packet that triggers the recursive calling of a function...
CVE-2008-0979
CVE-2008-0979 concerns a stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier (also under HP StorageWorks Storage Mirroring and other names). The issue allows a remote attacker to cause a denial of service (daemon crash) by sending a certain packet that triggers recursive calling...
Heap overflow
Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow...
CVE-2006-6297
CVE-2006-6297 affects KDE kdegraphics components, notably the kdegraphics-kfile-plugins (kfile_jpeg) used by Konqueror, digiKam and other KDE image viewers. The issue is a stack consumption/stack overflow vulnerability in the kfile_jpeg EXIF handling that can trigger a denial of service via a cra...