Debian Linux Security Vulnerabilities and Issues — Debian Linux CVE List

Lucene search

DebianDebian Linux

10 matches found

CVE•added 2013/05/16 11:45 a.m.•1013 views

CVE-2013-1675

Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data structures for the nsDOMSVGZoomEvent::mPreviousScale and nsDOMSVGZoomEvent::mNewScale functions, which allows remote attackers to obtain sen...

6.5CVSS8.7AI score0.02572EPSS

CVE•added 2013/05/29 2:29 p.m.•224 views

CVE-2002-2443

schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as...

5CVSS5.3AI score0.48591EPSS

CVE•added 2013/05/25 3:18 a.m.•68 views

CVE-2013-3561

Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.

7.8CVSS6.2AI score0.01522EPSS

CVE•added 2013/05/25 3:18 a.m.•65 views

CVE-2013-3560

The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

5CVSS6.3AI score0.0345EPSS

CVE•added 2013/05/25 3:18 a.m.•62 views

CVE-2013-3559

epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed...

5CVSS6.6AI score0.05039EPSS

CVE•added 2013/05/25 3:18 a.m.•59 views

CVE-2013-3557

The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

5CVSS6.3AI score0.0418EPSS

CVE•added 2013/05/25 3:18 a.m.•58 views

CVE-2013-3558

The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

5CVSS6.3AI score0.03264EPSS

CVE•added 2013/05/25 3:18 a.m.•54 views

CVE-2013-3562

Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.

5CVSS6.3AI score0.0344EPSS

CVE•added 2013/05/25 3:18 a.m.•53 views

CVE-2013-3555

epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

5CVSS6.3AI score0.03399EPSS

CVE•added 2013/05/25 3:18 a.m.•49 views

CVE-2013-3556

The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

5CVSS6.3AI score0.01538EPSS