CVE-2011-3328

The CVE-2011-3328 issue affects libpng 1.5.4 with color-correction enabled, where png_handle_cHRM in pngrutil.c mishandles a cHRM chunk with a zero value, allowing a remote attacker to cause a denial of service (divide-by-zero and crash). Connected records confirm this vulnerability and indicate ...

CVE-2011-3328

The pnghandlecHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service divide-by-zero error and application crash via a malformed PNG image containing a cHRM chunk associated with a certain zero value...

Denial of service

SystemTap 1.4 and earlier, when unprivileged aka stapusr mode is enabled, allows local users to cause a denial of service divide-by-zero error and OOPS via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access...

Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg)

Check for the Version of ffmpeg OpenVAS Vulnerability Test Mandriva Update for ffmpeg MDVSA-2011:060 ffmpeg Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Design/Logic Flaw

The ldmparsevmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does not validate the VBLK size value in the VMDB structure in an LDM partition table, which allows local users to cause a denial of service divide-by-zero error and OOPS via a crafted partition table...

CVE-2011-1012

CVE-2011-1012 affects the Linux kernel, in particular the LDM partition handling. The flaw lies in ldm_parse_vmdb in fs/partitions/ldm.c, which does not validate the VBLK size in the VMDB structure of an LDM partition table. A crafted partition table can trigger a divide-by-zero and cause a kerne...

CVE-2010-2597

The TIFFVStripSize function in tifstrip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service application crash via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler...

Input validation

The TIFFVStripSize function in tifstrip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service application crash via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler...

CVE-2010-2597

The TIFFVStripSize function in tifstrip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service application crash via a crafted TIFF image, related to "downsampled OJPEG input" and possibly related to a compiler...

CVE-2010-2597

The CVE-2010-2597 issue affects LibTIFF 3.9.0 and 3.9.2, where TIFFVStripSize calls TIFFGetField incorrectly, enabling a crafted TIFF image to trigger a denial of service (application crash). The vulnerability is associated with downsampled OJPEG input and may involve a compiler optimization that...

CVE-2009-4835

The 1 htkreadheader, 2 alawinit, 3 ulawinit, 4 pcminit, 5 float32init, and 6 sdsreadheader functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service divide-by-zero error and application crash via a crafted audio file...

CVE-2009-4835

The 1 htkreadheader, 2 alawinit, 3 ulawinit, 4 pcminit, 5 float32init, and 6 sdsreadheader functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service divide-by-zero error and application crash via a crafted audio file...

CVE-2009-4835

The 1 htkreadheader, 2 alawinit, 3 ulawinit, 4 pcminit, 5 float32init, and 6 sdsreadheader functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service divide-by-zero error and application crash via a crafted audio file...

CVE-2009-4835

The 1 htkreadheader, 2 alawinit, 3 ulawinit, 4 pcminit, 5 float32init, and 6 sdsreadheader functions in libsndfile 1.0.20 allow context-dependent attackers to cause a denial of service divide-by-zero error and application crash via a crafted audio file...

CVE-2009-4835

CVE-2009-4835 affects libsndfile 1.0.20, where six internal functions (htk_read_header, alaw_init, ulaw_init, pcm_init, float32_init, sds_read_header) can trigger a divide-by-zero and cause denial of service when processing a crafted audio file. Public records reference this alongside fixes for l...

Design/Logic Flaw

The azxpositionok function in hdaintel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service crash via unknown manipulations that trigger a divide-by-zero error...

CVE-2010-1085

The azxpositionok function in hdaintel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service crash via unknown manipulations that trigger a divide-by-zero error...

Buffer overflow

Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted .mpg file...

Design/Logic Flaw

The avrescalernd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service crash via a crafted AVI file that triggers a divide-by-zero error...