Lucene search

K

12 matches found

CVE
CVE
added 2010/02/16 7:30 p.m.114 views

CVE-2009-2950

Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decom...

9.3CVSS7.1AI score0.22964EPSS
CVE
CVE
added 2010/02/16 7:30 p.m.111 views

CVE-2009-2949

Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.

9.3CVSS6.9AI score0.50178EPSS
CVE
CVE
added 2010/02/16 7:30 p.m.111 views

CVE-2009-3302

filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."

9.3CVSS7AI score0.42759EPSS
CVE
CVE
added 2010/02/16 7:30 p.m.109 views

CVE-2009-3301

Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.

9.3CVSS7AI score0.42759EPSS
CVE
CVE
added 2010/01/12 5:30 p.m.109 views

CVE-2009-4538

drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.

10CVSS6.8AI score0.03723EPSS
CVE
CVE
added 2010/01/12 5:30 p.m.100 views

CVE-2009-4536

drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafte...

7.8CVSS7AI score0.10763EPSS
CVE
CVE
added 2010/02/17 6:30 p.m.87 views

CVE-2010-0307

The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of service (system crash) via a 32-bit application ...

4.7CVSS5.5AI score0.00131EPSS
CVE
CVE
added 2010/02/22 1:0 p.m.87 views

CVE-2010-0410

drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a denial of service (memory consumption and system crash) by sending the kernel many NETLINK_CONNECTOR messages.

4.9CVSS6.1AI score0.00079EPSS
CVE
CVE
added 2010/02/15 6:30 p.m.75 views

CVE-2010-0291

The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service (panic) by calling the (1) mmap or (2) mremap function, aka the "do_mremap() mess" or "mremap/mmap mess."

4.6CVSS6.5AI score0.0009EPSS
CVE
CVE
added 2010/01/26 6:30 p.m.73 views

CVE-2010-0003

The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and then reading a log file, and might allow local use...

5.4CVSS6.5AI score0.00063EPSS
CVE
CVE
added 2010/02/16 7:30 p.m.70 views

CVE-2010-0136

OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications (VBA) macro security settings, which allows remote attackers to run arbitrary macros via a crafted document.

9.3CVSS6.5AI score0.04524EPSS
CVE
CVE
added 2010/02/02 4:30 p.m.51 views

CVE-2009-4013

Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control ...

9.8CVSS9.3AI score0.00836EPSS