CVE-2007-4904

RealNetworks RealPlayer 10.1.0.3114 and earlier, and Helix Player 1.0.6.778 on Fedora Core 6 FC6 and possibly other platforms, allow user-assisted remote attackers to cause a denial of service application crash via a malformed .au file that triggers a divide-by-zero error...

Ubuntu: Security Advisory (USN-2667-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for the Linux Kernel (important)

The openSUSE 13.2 kernel was updated to receive various security and bugfixes. Following security bugs were fixed: - CVE-2015-3290: A flaw was found in the way the Linux kernels nested NMI handler and espfix64 functionalities interacted during NMI processing. A local, unprivileged user could use...

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2664-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2664-1 advisory. A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative...

Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2665-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2665-1 advisory. A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative...

Ubuntu: Security Advisory (USN-2666-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2662-1: Linux kernel (Trusty HWE) vulnerabilities

Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes xattrs. A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. CVE-2014-9710 A race condition was discovered in the Linux kernel's filehandle size...

SOL16881 - OZWPAN driver vulnerabilities CVE-2015-4001, CVE-2015-4002, CVE-2015-4003, CVE-2015-4004

CVE-2015-4001 Integer signedness error in the ozhcdgetdesccnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted packet. CVE-2015-4002...

CVE-2015-4467

The chmdinitdecomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted CHM file...

CVE-2015-4003

The ozusbhandleepdata function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service divide-by-zero error and system crash via a crafted packet...

CVE-2015-4003

CVE-2015-4003 affects the OZWPAN driver in the Linux kernel (drivers/staging/ozwpan/ozusbsvc1.c, function oz_usb_handle_ep_data) through kernel 4.0.5. A remote attacker can send a crafted packet to trigger a divide-by-zero and cause a system crash (DoS). The connected advisories (Unity Linux/Eule...

CVE-2014-9638

oggenc in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service divide-by-zero error and crash via a WAV file with the number of channels set to zero...

CVE-2014-8130

The TIFFmalloc function in tifunix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tifwrite.c, as demonstrated by...

CVE-2014-6054

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service divide-by-zero error and server crash via a zero value in the scaling factor in a 1 PalmVNCSetScaleFactor or 2 SetScale message...

Denial of service

The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service divide-by-zero error and server crash via a zero value in the scaling factor in a 1 PalmVNCSetScaleFactor or 2 SetScale message...

CVE-2014-6054

CVE-2014-6054 affects LibVNCServer: rfbProcessClientNormalMessage handles the scaling factor and can crash the server via a division-by-zero when the factor is 0. This is a remote-denial-of-service condition. Connected advisories (Debian, CentOS/RHEL, Mageia, Arch Linux, Gentoo) report fixes via ...

VLC Media Player ASF Demuxer Denial of Service Vulnerability - Windows

VLC Media Player is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Denial of service

The ASFReadObjectfileproperties function in modules/demux/asf/libasf.c in the ASF Demuxer in VideoLAN VLC Media Player before 2.1.3 allows remote attackers to cause a denial of service divide-by-zero error and crash via a zero minimum and maximum data packet size in an ASF file...

VLC Media Player 2.1.2 Denial Of Service

!/usr/bin/python VLC Media Player up to 2.1.2 DOS POC Integer Division By zero in ASF Demuxer VLC Media Player is prone to DOS utilizing a division by zero error if minimium data packet size is equal to zero. this was tested on windows XP sp3 and affects all versions of vlc till latest 2.1.2 to r...

Oracle Linux 5 / 6 : unbreakable enterprise kernel (ELSA-2013-2588)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-2588 advisory. - ip6output: do skb ufo init for peeked non ufo skb as well Jiri Pirko Orabug: 17951806 CVE-2013-4470 - ipoutput: do skb ufo init for peeked non uf...