Max CVSS 10.0 Min CVSS 1.2 Total Count865
IDCVSSSummaryLast (major) updatePublished
CVE-2009-3270 5.0
Microsoft Internet Explorer 7 through 7.0.6000.16711 allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821.
24-03-2017 - 21:59 18-09-2009 - 18:30
CVE-2005-3628 7.5
Buffer overflow in the JBIG2Bitmap::JBIG2Bitmap function in JBIG2Stream.cc in Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to modify memory and possibly execute arbitrary co
19-02-2017 - 00:09 31-12-2005 - 00:00
CVE-2005-3180 5.0
The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information.
19-02-2017 - 00:09 12-10-2005 - 09:04
CVE-2007-5334 4.3
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 can hide the window's titlebar when displaying XUL markup language documents, which makes it easier for remote attackers to conduct phishing and spoofing attacks by setting the hidechrome attr
19-01-2017 - 21:59 21-10-2007 - 16:17
CVE-2010-1447 8.5
The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows
07-12-2016 - 22:01 19-05-2010 - 14:30
CVE-2010-1168 7.5
The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass intended (1) Safe::reval and (2) Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and
07-12-2016 - 22:01 21-06-2010 - 12:30
CVE-2010-0624 6.8
Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functionality in GNU tar before 1.23 and GNU cpio before 2.11 allows remote rmt servers to cause a denial of service (memory corruption) or possibly execute arb
07-12-2016 - 22:01 15-03-2010 - 09:28
CVE-2010-0001 6.8
Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and probably others, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cra
07-12-2016 - 22:01 29-01-2010 - 13:30
CVE-2009-3563 6.4
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchang
07-12-2016 - 22:01 09-12-2009 - 13:30
CVE-2009-3490 6.8
GNU Wget before 1.12 does not properly handle a '\0' character in a domain name in the Common Name field of an X.509 certificate, which allows man-in-the-middle remote attackers to spoof arbitrary SSL servers via a crafted certificate issued by a leg
07-12-2016 - 22:01 30-09-2009 - 11:30
CVE-2009-2905 4.6
Heap-based buffer overflow in textbox.c in newt 0.51.5, 0.51.6, and 0.52.2 allows local users to cause a denial of service (application crash) or possibly execute arbitrary code via a request to display a crafted text dialog box.
07-12-2016 - 22:01 29-09-2009 - 15:30
CVE-2009-0115 7.2
The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket
07-12-2016 - 22:01 30-03-2009 - 12:30
CVE-2008-2051 10.0
The escapeshellcmd API function in PHP before 5.2.6 has unknown impact and context-dependent attack vectors related to "incomplete multibyte chars."
07-12-2016 - 22:00 05-05-2008 - 13:20
CVE-2008-1237 6.8
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors relat
07-12-2016 - 22:00 27-03-2008 - 06:44
CVE-2008-1236 6.8
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors relat
07-12-2016 - 22:00 27-03-2008 - 06:44
CVE-2008-1235 9.3
Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via unknown vectors that cause JavaScript to execute with the wrong principal, aka
07-12-2016 - 22:00 27-03-2008 - 06:44
CVE-2008-1234 4.3
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to inject arbitrary web script or HTML via event handlers, aka "Universal XSS using event han
07-12-2016 - 22:00 27-03-2008 - 06:44
CVE-2008-1233 6.8
Unspecified vulnerability in Mozilla Firefox before 2.0.0.13, Thunderbird before 2.0.0.13, and SeaMonkey before 1.1.9 allows remote attackers to execute arbitrary code via "XPCNativeWrapper pollution."
07-12-2016 - 22:00 27-03-2008 - 06:44
CVE-2007-6067 6.8
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of se
07-12-2016 - 22:00 09-01-2008 - 16:46
CVE-2007-4476 7.5
Buffer overflow in the safer_name_suffix function in GNU tar has unspecified attack vectors and impact, resulting in a "crashing stack."
07-12-2016 - 22:00 04-09-2007 - 21:17
CVE-2005-2970 5.0
Memory leak in the worker MPM (worker.c) for Apache 2, in certain circumstances, allows remote attackers to cause a denial of service (memory consumption) via aborted connections, which prevents the memory for the transaction pool from being reused f
07-12-2016 - 22:00 25-10-2005 - 13:06
CVE-2004-1018 10.0
Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underfl
07-12-2016 - 21:59 10-01-2005 - 00:00
CVE-2004-0989 10.0
Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy
07-12-2016 - 21:59 01-03-2005 - 00:00
CVE-2004-0977 2.1
The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files.
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0967 7.2
The (1) pj-gs.sh, (2) ps2epsi, (3) pv.sh, and (4) sysvlp.sh scripts in the ESP Ghostscript (espgs) package in Trustix Secure Linux 1.5 through 2.1, and other operating systems, allow local users to overwrite files via a symlink attack on temporary fi
07-12-2016 - 21:59 09-02-2005 - 00:00
CVE-2004-0930 5.0
The ms_fnmatch function in Samba 3.0.4 and 3.0.7 and possibly other versions allows remote authenticated users to cause a denial of service (CPU consumption) via a SAMBA request that contains multiple * (wildcard) characters.
07-12-2016 - 21:59 27-01-2005 - 00:00
CVE-2008-3520 9.3
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
06-12-2016 - 21:59 02-10-2008 - 14:18
CVE-2007-0494 4.3
ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 (Bind Forum only) allows remote attackers to cause a denial of service (exit) via a type * (ANY) DNS query response that
06-12-2016 - 21:59 25-01-2007 - 15:28
CVE-2008-1951 4.6
Untrusted search path vulnerability in a certain Red Hat build script for Standards Based Linux Instrumentation for Manageability (sblim) libraries before 1-13a.el4_6.1 in Red Hat Enterprise Linux (RHEL) 4, and before 1-31.el5_2.1 in RHEL 5, allows l
08-11-2016 - 13:07 25-06-2008 - 08:36
CVE-2008-1423 9.3
Integer overflow in a certain quantvals and quantlist calculation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted OGG file with a large virtual space for its
08-11-2016 - 13:07 16-05-2008 - 08:54
CVE-2008-1420 6.8
Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow.
08-11-2016 - 13:04 16-05-2008 - 08:54
CVE-2008-1419 4.3
Xiph.org libvorbis 1.2.0 and earlier does not properly handle a zero value for codebook.dim, which allows remote attackers to cause a denial of service (crash or infinite loop) or trigger an integer overflow.
08-11-2016 - 12:01 16-05-2008 - 08:54
CVE-2006-5297 1.2
Race condition in the safe_open function in the Mutt mail client 1.5.12 and earlier, when creating temporary files in an NFS filesystem, allows local users to overwrite arbitrary files due to limitations of the use of the O_EXCL flag on NFS filesyste
17-10-2016 - 23:41 16-10-2006 - 15:07
CVE-2006-5052 5.0
Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
17-10-2016 - 23:41 27-09-2006 - 19:07
CVE-2006-4019 6.4
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
17-10-2016 - 23:40 11-08-2006 - 17:04
CVE-2005-2370 5.0
Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2, Gaim before 1.5.0, and other packages, allows remote attackers to cause a denial of service (bus error) on certain architectures such as SPARC via an incoming message.
17-10-2016 - 23:26 26-07-2005 - 00:00
CVE-2005-1477 5.1
The install function in Firefox 1.0.3 allows remote web sites on the browser's whitelist, such as update.mozilla.org or addon.mozilla.org, to execute arbitrary Javascript with chrome privileges, leading to arbitrary code execution on the system when
17-10-2016 - 23:19 09-05-2005 - 00:00
CVE-2005-1476 5.1
Firefox 1.0.3 allows remote attackers to execute arbitrary Javascript in other domains by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrary code execution when combined with CVE-2005-1477.
17-10-2016 - 23:19 09-05-2005 - 00:00
CVE-2005-0546 7.5
Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow i
17-10-2016 - 23:12 02-05-2005 - 00:00
CVE-2005-0337 7.5
Postfix 2.1.3, when /proc/net/if_inet6 is not available and permit_mx_backup is enabled in smtpd_recipient_restrictions, allows remote attackers to bypass e-mail restrictions and perform mail relaying by sending mail to an IPv6 hostname.
17-10-2016 - 23:10 02-05-2005 - 00:00
CVE-2005-0231 2.6
Firefox 1.0 does not invoke the Javascript Security Manager when a user drags a javascript: or data: URL to a tab, which allows remote attackers to bypass the security model, aka "firetabbing."
17-10-2016 - 23:08 07-02-2005 - 00:00
CVE-2005-0176 5.0
The shmctl function in Linux 2.6.9 and earlier allows local users to unlock the memory of other processes, which could cause sensitive memory to be swapped to disk, which could allow it to be read by other users once it has been released.
17-10-2016 - 23:08 15-02-2005 - 00:00
CVE-2005-0022 4.6
Buffer overflow in the spa_base64_to_bits function in Exim before 4.43, as originally obtained from Samba code, and as called by the auth_spa_client function, may allow attackers to execute arbitrary code during SPA authentication.
17-10-2016 - 23:07 02-05-2005 - 00:00
CVE-2004-0918 5.0
The asn_parse_header function (asn1.c) in the SNMP module for Squid Web Proxy Cache before 2.4.STABLE7 allows remote attackers to cause a denial of service (server restart) via certain SNMP packets with negative length fields that trigger a memory al
17-10-2016 - 22:49 27-01-2005 - 00:00
CVE-2004-0904 10.0
Integer overflow in the bitmap (BMP) decoder for Mozilla Firefox before the Preview Release, Mozilla before 1.7.3, and Thunderbird before 0.8 allow remote attackers to execute arbitrary code via wide bitmap files that trigger heap-based buffer overfl
17-10-2016 - 22:49 31-12-2004 - 00:00
CVE-2004-0792 6.4
Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.
17-10-2016 - 22:49 20-10-2004 - 00:00
CVE-2004-0782 7.5
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based
17-10-2016 - 22:48 20-10-2004 - 00:00
CVE-2004-0692 5.0
The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0691 7.5
Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0598 5.0
The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
17-10-2016 - 22:46 23-11-2004 - 00:00
CVE-2004-0421 5.0
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0416 10.0
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0381 2.1
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
17-10-2016 - 22:44 04-05-2004 - 00:00
CVE-2004-0110 7.5
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
17-10-2016 - 22:40 15-03-2004 - 00:00
CVE-2003-0977 7.5
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
17-10-2016 - 22:38 05-01-2004 - 00:00
CVE-2003-0962 7.5
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0465 5.0
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks.
17-10-2016 - 22:34 18-08-2003 - 00:00
CVE-2003-0056 7.2
Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.
17-10-2016 - 22:28 19-02-2003 - 00:00
CVE-2010-1321 6.8
The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (aka krb5) through 1.7.1 and 1.8 before 1.8.2, as used in kadmind and other applications, does not properly check for invalid GSS-API tokens, which allo
22-08-2016 - 22:01 19-05-2010 - 14:30
CVE-2010-0434 4.3
The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, wh
22-08-2016 - 22:00 05-03-2010 - 14:30
CVE-2009-4136 6.5
PostgreSQL 7.4.x before 7.4.27, 8.0.x before 8.0.23, 8.1.x before 8.1.19, 8.2.x before 8.2.15, 8.3.x before 8.3.9, and 8.4.x before 8.4.2 does not properly manage session-local state during execution of an index function by a database superuser, whic
22-08-2016 - 22:00 15-12-2009 - 13:30
CVE-2009-3720 5.0
The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafte
22-08-2016 - 22:00 03-11-2009 - 11:30
CVE-2009-3560 5.0
The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that
22-08-2016 - 22:00 04-12-2009 - 16:30
CVE-2009-3245 10.0
OpenSSL before 0.9.8m does not check for a NULL return value from bn_wexpand function calls in (1) crypto/bn/bn_div.c, (2) crypto/bn/bn_gf2m.c, (3) crypto/ec/ec2_smpl.c, and (4) engines/e_ubsec.c, which has unspecified impact and context-dependent at
22-08-2016 - 21:59 05-03-2010 - 14:30
CVE-2009-3230 6.5
The core server component in PostgreSQL 8.4 before 8.4.1, 8.3 before 8.3.8, 8.2 before 8.2.14, 8.1 before 8.1.18, 8.0 before 8.0.22, and 7.4 before 7.4.26 does not use the appropriate privileges for the (1) RESET ROLE and (2) RESET SESSION AUTHORIZAT
22-08-2016 - 21:59 17-09-2009 - 06:30
CVE-2009-3095 7.5
The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as
22-08-2016 - 21:59 08-09-2009 - 14:30
CVE-2009-3094 2.6
The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a mal
22-08-2016 - 21:59 08-09-2009 - 14:30
CVE-2009-2813 6.0
Samba 3.4 before 3.4.2, 3.3 before 3.3.8, 3.2 before 3.2.15, and 3.0.12 through 3.0.36, as used in the SMB subsystem in Apple Mac OS X 10.5.8 when Windows File Sharing is enabled, Fedora 11, and other operating systems, does not properly handle error
22-08-2016 - 21:59 14-09-2009 - 12:30
CVE-2009-0922 4.0
PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified enco
22-08-2016 - 21:59 17-03-2009 - 13:30
CVE-2009-0590 5.0
The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid
22-08-2016 - 21:59 27-03-2009 - 12:30
CVE-2008-2939 4.3
Cross-site scripting (XSS) vulnerability in proxy_ftp.c in the mod_proxy_ftp module in Apache 2.0.63 and earlier, and mod_proxy_ftp.c in the mod_proxy_ftp module in Apache 2.2.9 and earlier 2.2 versions, allows remote attackers to inject arbitrary we
27-05-2016 - 11:37 06-08-2008 - 14:41
CVE-2009-0025 6.8
BIND 9.6.0, 9.5.1, 9.5.0, 9.4.3, and earlier does not properly check the return value from the OpenSSL DSA_verify function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature, a similar vulne
04-04-2016 - 14:12 07-01-2009 - 12:30
CVE-2009-0696 4.3
The dns_db_findrdataset function in db.c in named in ISC BIND 9.4 before 9.4.3-P3, 9.5 before 9.5.1-P3, and 9.6 before 9.6.1-P1, when configured as a master server, allows remote attackers to cause a denial of service (assertion failure and daemon ex
04-04-2016 - 11:50 29-07-2009 - 13:30
CVE-2009-3301 9.3
Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word d
17-11-2015 - 10:59 16-02-2010 - 14:30
CVE-2009-1364 7.5
Use-after-free vulnerability in the embedded GD library in libwmf 0.2.8.4 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WMF file.
15-07-2015 - 11:04 01-05-2009 - 13:30
CVE-2007-2926 4.3
ISC BIND 9 through 9.5.0a5 uses a weak random number generator during generation of DNS query ids when answering resolver questions or sending NOTIFY messages to slave name servers, which makes it easier for remote attackers to guess the next query i
16-03-2015 - 21:59 24-07-2007 - 13:30
CVE-2009-0792 9.3
Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus
06-01-2015 - 21:59 14-04-2009 - 12:26
CVE-2009-3302 9.3
filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "
13-11-2014 - 21:59 16-02-2010 - 14:30
CVE-2009-2950 9.3
Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary
13-11-2014 - 21:59 16-02-2010 - 14:30
CVE-2009-2949 9.3
Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.
13-11-2014 - 21:59 16-02-2010 - 14:30
CVE-2009-0201 9.3
Heap-based buffer overflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to "table parsing."
24-10-2014 - 01:33 02-09-2009 - 13:30
CVE-2009-0200 9.3
Integer underflow in OpenOffice.org (OOo) before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow.
24-10-2014 - 01:33 02-09-2009 - 13:30
CVE-2007-4752 7.5
ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted
08-08-2014 - 16:37 11-09-2007 - 21:17
CVE-2007-0008 6.8
Integer underflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server produc
04-05-2014 - 22:38 26-02-2007 - 15:28
CVE-2009-0689 6.8
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD
25-03-2014 - 23:51 01-07-2009 - 09:00
CVE-2007-0009 6.8
Stack-based buffer overflow in the SSLv2 support in Mozilla Network Security Services (NSS) before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, SeaMonkey before 1.0.8, and certain Sun Java System ser
16-01-2014 - 22:46 26-02-2007 - 15:28
CVE-2009-0159 6.8
Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
04-12-2013 - 06:21 14-04-2009 - 11:30
CVE-2008-1097 6.8
Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possib
24-11-2013 - 22:38 05-03-2008 - 15:44
CVE-2013-0086 5.0
Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer Size Validation Vulnerability."
02-11-2013 - 23:29 12-03-2013 - 20:55
CVE-2010-0423 5.0
gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application hang) by sending many smileys in a (1) IM or (2) chat.
02-11-2013 - 22:56 24-02-2010 - 13:30
CVE-2010-0420 4.3
libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nicknames containing <br> sequences, which allows remote attackers to cause a denial of service (application crash) via a crafted nick
02-11-2013 - 22:56 24-02-2010 - 13:30
CVE-2010-0277 5.0
slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3.8 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via a malf
02-11-2013 - 22:56 09-01-2010 - 13:30
CVE-2010-0013 5.0
Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) requ
02-11-2013 - 22:55 09-01-2010 - 13:30
CVE-2009-3615 5.0
The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM I
02-11-2013 - 22:53 20-10-2009 - 13:30
CVE-2009-1376 9.3
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remo
02-11-2013 - 22:49 26-05-2009 - 11:30
CVE-2009-1374 5.0
Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet.
02-11-2013 - 22:49 26-05-2009 - 11:30
CVE-2009-1373 7.1
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained fr
02-11-2013 - 22:49 26-05-2009 - 11:30
CVE-2008-2927 6.8
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to
02-11-2013 - 22:38 07-07-2008 - 19:41
CVE-2009-1956 6.4
Off-by-one error in the apr_brigade_vprintf function in Apache APR-util before 1.3.5 on big-endian platforms allows remote attackers to obtain sensitive information or cause a denial of service (application crash) via crafted input.
10-10-2013 - 23:14 07-06-2009 - 21:00
CVE-2009-1955 7.8
The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via
10-10-2013 - 23:14 07-06-2009 - 21:00
CVE-2009-0023 4.3
The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service (daemon crash) via crafted input involving (1) a .htaccess file used with the Apache HTTP Server, (2)
10-10-2013 - 23:05 07-06-2009 - 21:00
CVE-2008-0412 9.3
The browser engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via vectors related to the (1) nsTableF
13-09-2013 - 01:50 08-02-2008 - 17:00
CVE-2008-0418 4.3
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8, when using "flat" addons, allows remote attackers to read arbitrary Javascript, image, and stylesheet files via the chrome:
09-09-2013 - 01:30 08-02-2008 - 17:00
CVE-2009-3370 5.0
Mozilla Firefox before 3.0.15, and 3.5.x before 3.5.4, allows remote attackers to read form history by forging mouse and keyboard events that leverage the auto-fill feature to populate form fields, in an attacker-readable form, with history entries.
06-09-2013 - 01:54 29-10-2009 - 10:30
CVE-2007-1558 2.6
The APOP protocol allows remote attackers to guess the first 3 characters of a password via man-in-the-middle (MITM) attacks that use crafted message IDs and MD5 collisions. NOTE: this design-level issue potentially affects all products that use APO
06-09-2013 - 01:19 16-04-2007 - 18:19
CVE-2009-0599 5.0
Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.
02-09-2013 - 01:54 16-02-2009 - 15:30
CVE-2008-4060 7.5
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to create documents that lack script-handling objects, and execute arbitrary code with chrome privileges, via vector
02-09-2013 - 01:45 24-09-2008 - 16:37
CVE-2007-1362 4.3
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to cause a denial of service via (1) a large cookie path parameter, which triggers memory consumption, or (2) an internal delimiter w
02-09-2013 - 01:21 31-05-2007 - 20:30
CVE-2007-6428 5.0
The ProcGetReservedColormapEntries function in the TOG-CUP extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to read the contents of arbitrary memory locations via a request containing a 32-bit value that is improperly used a
30-08-2013 - 01:37 18-01-2008 - 18:00
CVE-2007-1592 4.9
net/ipv6/tcp_ipv6.c in Linux kernel 2.6.x up to 2.6.21-rc3 inadvertently copies the ipv6_fl_socklist from a listening TCP socket to child sockets, which allows local users to cause a denial of service (OOPS) or double free by opening a listening IPv6
29-08-2013 - 01:29 22-03-2007 - 15:19
CVE-2008-5025 7.8
Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid cata
28-08-2013 - 01:56 17-11-2008 - 18:30
CVE-2007-5000 4.3
Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3.0 through 1.3.39 and 2.0.35 through 2.0.61 and the (2) mod_imagemap module in the Apache HTTP Server 2.2.0 through 2.2.6 allows remote attackers to inje
28-08-2013 - 01:38 13-12-2007 - 13:46
CVE-2007-1659 6.8
Perl-Compatible Regular Expression (PCRE) library before 7.3 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via regex patterns containing unmatched "\Q\E" sequences with orphan "\E" codes.
28-08-2013 - 01:28 07-11-2007 - 18:46
CVE-2009-1169 9.3
The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT trans
27-08-2013 - 02:19 26-03-2009 - 20:30
CVE-2009-1192 4.9
The (1) agp_generic_alloc_page and (2) agp_generic_alloc_pages functions in drivers/char/agp/generic.c in the agp subsystem in the Linux kernel before 2.6.30-rc3 do not zero out pages that may later be available to a user-space process, which allows
25-08-2013 - 02:00 24-04-2009 - 11:30
CVE-2008-4059 7.5
The XPConnect component in Mozilla Firefox before 2.0.0.17 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vectors related to a SCRIPT element.
25-08-2013 - 01:50 24-09-2008 - 16:37
CVE-2010-0160 10.0
The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly handle array data types for posted messages, which allows remote attackers to cause a denial of service (heap me
24-08-2013 - 02:11 22-02-2010 - 08:00
CVE-2006-3801 7.5
Mozilla Firefox 1.5 before 1.5.0.5 and SeaMonkey before 1.0.3 does not properly clear a JavaScript reference to a frame or window, which leaves a pointer to a deleted object that allows remote attackers to execute arbitrary native code.
24-08-2013 - 01:09 27-07-2006 - 16:04
CVE-2007-3735 9.3
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
23-08-2013 - 01:50 18-07-2007 - 13:30
CVE-2009-3547 6.9
Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathna
20-08-2013 - 02:34 04-11-2009 - 10:30
CVE-2008-4063 9.3
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1)
19-08-2013 - 12:43 24-09-2008 - 16:37
CVE-2008-1096 6.8
The load_tile function in the XCF coder in coders/xcf.c in (1) ImageMagick 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .xcf
17-08-2013 - 01:50 05-03-2008 - 15:44
CVE-2007-4572 9.3
Stack-based buffer overflow in nmbd in Samba 3.0.0 through 3.0.26a, when configured as a Primary or Backup Domain controller, allows remote attackers to have an unknown impact via crafted GETDC mailslot requests, related to handling of GETDC logon se
13-08-2013 - 12:10 16-11-2007 - 13:46
CVE-2007-1718 7.8
CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of
13-08-2013 - 12:00 27-03-2007 - 20:19
CVE-2009-1336 4.9
fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service (OOPS) via a long filename, related to the en
09-08-2013 - 02:12 22-04-2009 - 11:30
CVE-2007-6015 9.3
Stack-based buffer overflow in the send_mailslot function in nmbd in Samba 3.0.0 through 3.0.27a, when the "domain logons" option is enabled, allows remote attackers to execute arbitrary code via a GETDC mailslot request composed of a long GETDC stri
08-08-2013 - 01:41 13-12-2007 - 16:46
CVE-2008-2933 2.6
Mozilla Firefox before 2.0.0.16, and 3.x before 3.0.1, interprets '|' (pipe) characters in a command-line URI as requests to open multiple tabs, which allows remote attackers to access chrome:i URIs, or read arbitrary local files via manipulations in
02-08-2013 - 02:00 17-07-2008 - 09:41
CVE-2006-3403 5.0
The smdb daemon (smbd/service.c) in Samba 3.0.1 through 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of share connection requests.
02-08-2013 - 01:11 12-07-2006 - 15:05
CVE-2009-0028 2.1
The clone system call in the Linux kernel 2.6.28 and earlier allows local users to send arbitrary signals to a parent process from an unprivileged child process by launching an additional child process with the CLONE_PARENT flag, and then letting thi
01-08-2013 - 02:03 27-02-2009 - 12:30
CVE-2008-3658 7.5
Buffer overflow in the imageloadfont function in ext/gd/gd.c in PHP 4.4.x before 4.4.9 and PHP 5.2 before 5.2.6-r6 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
01-08-2013 - 01:52 14-08-2008 - 20:41
CVE-2008-4058 7.5
The XPConnect component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to "pollute XPCNativeWrappers" and execute arbitrary code with chrome privileges via vec
27-07-2013 - 01:50 24-09-2008 - 16:37
CVE-2008-1612 4.3
The arrayShrink function (lib/Array.c) in Squid 2.6.STABLE17 allows attackers to cause a denial of service (process exit) via unknown vectors that cause an array to shrink to 0 entries, which triggers an assert error. NOTE: this issue is due to an i
27-07-2013 - 01:44 01-04-2008 - 13:44
CVE-2007-1660 6.8
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate sizes for unspecified "multiple forms of character class", which triggers a buffer overflow that allows context-dependent attackers to cause a denial of service
27-07-2013 - 01:27 07-11-2007 - 18:46
CVE-2007-3511 4.3
The focus handling for the onkeydown event in Mozilla Firefox 1.5.0.12, 2.0.0.4 and other versions before 2.0.0.8, and SeaMonkey before 1.1.5 allows remote attackers to change field focus and copy keystrokes via the "for" attribute in a label, which
23-07-2013 - 03:39 03-07-2007 - 06:30
CVE-2004-1073 2.1
The open_exec function in the execve functionality (exec.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, allows local users to read non-readable ELF binaries by using the interpreter (PT_INTERP) functionality.
18-07-2013 - 00:33 10-01-2005 - 00:00
CVE-2008-2364 5.0
The ap_proxy_http_process_response function in mod_proxy_http.c in the mod_proxy module in the Apache HTTP Server 2.0.63 and 2.2.8 does not limit the number of forwarded interim responses, which allows remote HTTP servers to cause a denial of service
17-07-2013 - 11:44 13-06-2008 - 14:41
CVE-2007-6388 4.3
Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2.2.6, 2.0.35 through 2.0.61, and 1.3.2 through 1.3.39, when the server-status page is enabled, allows remote attackers to inject arbitrary web script or H
17-07-2013 - 11:33 08-01-2008 - 13:46
CVE-2007-3847 5.0
The date handling code in modules/proxy/proxy_util.c (mod_proxy) in Apache 2.3.0, when using a threaded MPM, allows remote origin servers to cause a denial of service (caching forward proxy process crash) via crafted date headers that trigger a buffe
17-07-2013 - 11:25 23-08-2007 - 18:17
CVE-2006-5752 4.3
Cross-site scripting (XSS) vulnerability in mod_status.c in the mod_status module in Apache HTTP Server (httpd), when ExtendedStatus is enabled and a public server-status page is used, allows remote attackers to inject arbitrary web script or HTML vi
17-07-2013 - 11:01 27-06-2007 - 13:30
CVE-2009-3375 4.3
content/html/document/src/nsHTMLDocument.cpp in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allows user-assisted remote attackers to bypass the Same Origin Policy and read an arbitrary content selection via the document.getSelection fu
15-07-2013 - 01:57 29-10-2009 - 10:30
CVE-2010-0177 9.3
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to ex
12-07-2013 - 02:03 05-04-2010 - 13:30
CVE-2009-1895 7.2
The personality subsystem in the Linux kernel before 2.6.31-rc3 has a PER_CLEAR_ON_SETID setting that does not clear the ADDR_COMPAT_LAYOUT and MMAP_PAGE_ZERO flags when executing a setuid or setgid program, which makes it easier for local users to l
06-07-2013 - 02:38 16-07-2009 - 11:30
CVE-2007-3089 4.3
Mozilla Firefox before 2.0.0.5 does not prevent use of document.write to replace an IFRAME (1) during the load stage or (2) in the case of an about:blank frame, which allows remote attackers to display arbitrary HTML or execute certain JavaScript cod
06-07-2013 - 02:09 06-06-2007 - 17:30
CVE-2010-0542 6.8
The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4.4 does not check the return values of certain calloc calls, which allows remote attackers to cause a denial of service (NULL pointer dereference or he
14-05-2013 - 23:06 21-06-2010 - 12:30
CVE-2010-0540 6.0
Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used on Apple Mac OS X 10.5.8, Mac OS X 10.6 before 10.6.4, and other platforms, allows remote attackers to hijack the authentication of administrators for
14-05-2013 - 23:06 17-06-2010 - 12:30
CVE-2009-2347 9.3
Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a hea
14-05-2013 - 22:57 14-07-2009 - 16:30
CVE-2008-1808 7.5
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which trigger
14-05-2013 - 22:40 16-06-2008 - 15:41
CVE-2008-1807 7.5
FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
14-05-2013 - 22:40 16-06-2008 - 15:41
CVE-2008-1806 7.5
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buf
14-05-2013 - 22:40 16-06-2008 - 15:41
CVE-2010-1440 6.8
Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a special command in a DVI file, related
18-04-2013 - 23:00 07-05-2010 - 14:24
CVE-2010-0739 6.8
Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX might allow user-assisted remote attackers to execute arbitrary code via a crafted DVI file that triggers a heap-based buffer overflow. NOTE: some of
18-04-2013 - 22:59 16-04-2010 - 14:30
CVE-2006-4811 6.8
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary
07-02-2013 - 00:00 18-10-2006 - 13:07
CVE-2009-2473 4.3
neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large numbe
06-02-2013 - 23:20 21-08-2009 - 13:30
CVE-2011-3413 9.3
Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory
29-01-2013 - 23:42 13-12-2011 - 19:55
CVE-2009-2848 4.7
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone
22-01-2013 - 23:18 18-08-2009 - 17:00
CVE-2009-2847 4.9
The do_sigaltstack function in kernel/signal.c in Linux kernel 2.4 through 2.4.37 and 2.6 before 2.6.31-rc5, when running on 64-bit systems, does not clear certain padding bytes from a structure, which allows local users to obtain sensitive informati
22-01-2013 - 23:18 18-08-2009 - 17:00
CVE-2009-2446 8.5
Multiple format string vulnerabilities in the dispatch_command function in libmysqld/sql_parse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service (daemon crash) and possibly have unspecified other
22-01-2013 - 23:17 13-07-2009 - 13:30
CVE-2008-4456 2.6
Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by
22-01-2013 - 23:03 06-10-2008 - 19:25
CVE-2008-2079 4.6
MySQL 4.1.x before 4.1.24, 5.0.x before 5.0.60, 5.1.x before 5.1.24, and 6.0.x before 6.0.5 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY argume
22-01-2013 - 22:56 05-05-2008 - 12:20
CVE-2008-2812 7.2
The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) ha
26-11-2012 - 22:47 08-07-2008 - 20:41
CVE-2008-2811 10.0
The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose di
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2810 6.8
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly identify the context of Windows shortcut files, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site for which the user has pre
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2809 4.0
Mozilla 1.9 M8 and earlier, Mozilla Firefox 2 before 2.0.0.15, SeaMonkey 1.1.5 and other versions before 1.1.10, Netscape 9.0, and other Mozilla-based web browsers, when a user accepts an SSL server certificate on the basis of the CN domain name in t
26-11-2012 - 22:47 08-07-2008 - 19:41
CVE-2008-2808 4.3
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly escape HTML in file:// URLs in directory listings, which allows remote attackers to conduct cross-site scripting (XSS) attacks or have unspecified other impact via a crafted
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2807 5.0
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly handle an invalid .properties file for an add-on, which allows remote attackers to read uninitialized memory, as demonstrated by use of ISO 8859 encoding instead of UTF-8 enc
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2805 5.0
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to force the upload of arbitrary local files from a client computer via vectors involving originalTarget and DOM Range.
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2803 6.8
The mozIJSSubScriptLoader.LoadScript function in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 does not apply XPCNativeWrappers to scripts loaded from (1) file: URIs, (2) data: URIs, or (3) certain non
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2802 7.5
Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to execute arbitrary code via an XUL document that includes a script from a chrome: URI that points to a fastload file, related to t
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2801 7.5
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 do not properly implement JAR signing, which allows remote attackers to execute arbitrary code via (1) injection of JavaScript into documents within a JAR archive or (2) a JAR archive that u
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2800 4.3
Mozilla Firefox before 2.0.0.15 and SeaMonkey before 1.1.10 allow remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via vectors involving (1) an event handler attached to an outer window, (2) a SCRIPT el
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2799 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unk
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2798 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unk
26-11-2012 - 22:47 07-07-2008 - 19:41
CVE-2008-2374 7.5
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3.34 versions, does not validate string length fields in SDP packets, which allows remote SDP servers to cause a denial of service or possibly have unspeci
26-11-2012 - 22:46 07-07-2008 - 19:41
CVE-2008-2292 6.8
Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in
26-11-2012 - 22:46 18-05-2008 - 10:20
CVE-2008-1669 6.9
Linux kernel before 2.6.25.2 does not apply a certain protection mechanism for fcntl functionality, which allows local users to (1) execute code in parallel or (2) exploit a race condition to obtain "re-ordered access to the descriptor table."
26-11-2012 - 22:44 07-05-2008 - 20:20
CVE-2008-1615 4.9
Linux kernel 2.6.18, and possibly other versions, when running on AMD64 architectures, allows local users to cause a denial of service (crash) via certain ptrace calls.
26-11-2012 - 22:44 07-05-2008 - 20:20
CVE-2010-1240 9.3
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arb
05-11-2012 - 23:38 05-04-2010 - 11:30
CVE-2008-5029 4.9
The __scm_destroy function in net/core/scm.c in the Linux kernel 2.6.27.4, 2.6.26, and earlier makes indirect recursive calls to itself through calls to the fput function, which allows local users to cause a denial of service (panic) via vectors rela
05-11-2012 - 23:11 10-11-2008 - 11:15
CVE-2008-4306 9.3
Buffer overflow in enscript before 1.6.4 has unknown impact and attack vectors, possibly related to the font escape sequence.
05-11-2012 - 23:09 04-11-2008 - 16:00
CVE-2008-3863 7.6
Stack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a
05-11-2012 - 23:07 23-10-2008 - 18:00
CVE-2007-2878 4.9
The VFAT compat ioctls in the Linux kernel before 2.6.21.2, when run on a 64-bit system, allow local users to corrupt a kernel_dirent struct and cause a denial of service (system crash) via unknown vectors.
05-11-2012 - 22:40 29-05-2007 - 16:30
CVE-2007-2871 4.3
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to spoof or hide the browser chrome, such as the location bar, by placing XUL popups outside of the browser's content pane. NOTE: th
05-11-2012 - 22:40 31-05-2007 - 20:30
CVE-2007-2870 4.3
Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2, allows remote attackers to bypass the same-origin policy and conduct cross-site scripting (XSS) and other attacks by using the addEventListener method to add
05-11-2012 - 22:40 31-05-2007 - 20:30
CVE-2007-2869 4.3
The form autocomplete feature in Mozilla Firefox 1.5.x before 1.5.0.12, 2.x before 2.0.0.4, and possibly earlier versions, allows remote attackers to cause a denial of service (persistent temporary CPU consumption) via a large number of characters in
05-11-2012 - 22:40 31-05-2007 - 20:30
CVE-2007-2868 9.3
Multiple vulnerabilities in the JavaScript engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of se
05-11-2012 - 22:40 31-05-2007 - 20:30
CVE-2007-2867 9.3
Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of servic
05-11-2012 - 22:40 31-05-2007 - 20:30
CVE-2007-2756 4.3
The gdPngReadData function in libgd 2.0.34 allows user-assisted attackers to cause a denial of service (CPU consumption) via a crafted PNG image with truncated data, which causes an infinite loop in the png_read_info function in libpng.
05-11-2012 - 22:39 18-05-2007 - 14:30
CVE-2007-2691 4.9
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not require the DROP privilege for RENAME TABLE statements, which allows remote authenticated users to rename arbitrary tables.
05-11-2012 - 22:39 15-05-2007 - 21:19
CVE-2007-2683 3.5
Buffer overflow in Mutt 1.4.2 might allow local users to execute arbitrary code via "&" characters in the GECOS field, which triggers the overflow during alias expansion.
05-11-2012 - 22:39 15-05-2007 - 17:19
CVE-2007-2589 5.0
Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.
05-11-2012 - 22:38 11-05-2007 - 00:20
CVE-2007-2509 2.6
CRLF injection vulnerability in the ftp_putcmd function in PHP before 4.4.7, and 5.x before 5.2.2 allows remote attackers to inject arbitrary FTP commands via CRLF sequences in the parameters to earlier FTP commands.
05-11-2012 - 22:38 08-05-2007 - 20:19
CVE-2007-2172 4.7
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an "out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2) fib_props (fib_semantics.c, I
05-11-2012 - 22:37 22-04-2007 - 15:19
CVE-2007-2052 5.0
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown m
05-11-2012 - 22:36 16-04-2007 - 18:19
CVE-2007-1825 7.5
Buffer overflow in the imap_mail_compose function in PHP 5 before 5.2.1, and PHP 4 before 4.4.5, allows remote attackers to execute arbitrary code via a long boundary string in a type.parameters field. NOTE: as of 20070411, it appears that this issue
05-11-2012 - 22:36 02-04-2007 - 19:19
CVE-2007-1701 6.8
PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when register_globals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling se
05-11-2012 - 22:35 26-03-2007 - 21:19
CVE-2007-1349 4.3
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted U
05-11-2012 - 22:34 29-03-2007 - 20:19
CVE-2007-1262 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the (1) data: URI in an HTML e-mail attachment or (2) various non-ASCII char
05-11-2012 - 22:33 11-05-2007 - 00:20
CVE-2009-0021 5.0
NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for
30-10-2012 - 23:13 07-01-2009 - 12:30
CVE-2008-5512 6.8
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allow remote attackers to run arbitrary JavaScript with chrome privileges via unknown v
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5511 4.3
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy and conduct cross-site scripting (XSS) attacks via an XBL binding to a
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5510 5.0
The CSS parser in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 ignores the '\0' escaped null character, which might allow remote attackers to bypass protection mechanisms s
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5508 4.3
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not properly parse URLs with leading whitespace or control characters, which might allow remote attackers to misrepresent
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5506 6.8
Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to bypass the same origin policy by causing the browser to issue an XMLHttpRequest to an attacker-contr
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5503 2.6
The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 does not perform any security checks related to the same-domain policy, which allows remote attackers to read or
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5500 10.0
The layout engine in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via ve
30-10-2012 - 23:07 17-12-2008 - 18:30
CVE-2008-5031 10.0
Multiple integer overflows in Python 2.2.3 through 2.5.1, and 2.6, allow context-dependent attackers to have an unknown impact via a large integer value in the tabsize argument to the expandtabs method, as implemented by (1) the string_expandtabs fun
30-10-2012 - 23:06 10-11-2008 - 11:15
CVE-2008-5024 7.5
Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly escape quote characters used for XML processing, which allows remote attackers to conduct XML injection at
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-5023 7.5
Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the protection mechanism for codebase principals and execute arbitrary script via the -moz-binding CSS property in a signed JAR f
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-5022 7.5
The nsXMLHttpRequest::NotifyEventListeners method in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to bypass the same-origin policy and execute arbitrar
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-5021 9.3
nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying pr
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-5019 4.3
The session restore feature in Mozilla Firefox 3.x before 3.0.4 and 2.x before 2.0.0.18 allows remote attackers to violate the same origin policy to conduct cross-site scripting (XSS) attacks and execute arbitrary JavaScript with chrome privileges vi
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-5018 10.0
The JavaScript engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via vectors related to "insufficient
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-5017 10.0
Integer overflow in xpcom/io/nsEscape.cpp in the browser engine in Mozilla Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (c
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-5016 5.0
The layout engine in Mozilla Firefox 3.x before 3.0.4, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via multiple vectors that trigger an assertion failure or other conse
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-5015 5.1
Mozilla Firefox 3.x before 3.0.4 assigns chrome privileges to a file: URI when it is accessed in the same tab from a chrome or privileged about: page, which makes it easier for user-assisted attackers to execute arbitrary JavaScript with chrome privi
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-5014 10.0
jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifyin
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-5012 5.0
Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 do not properly change the source URI when processing a canvas element and an HTTP redirect, which allows remote attackers to bypass the same origin
30-10-2012 - 23:06 13-11-2008 - 06:30
CVE-2008-4864 7.5
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function,
30-10-2012 - 23:06 31-10-2008 - 20:00
CVE-2008-4101 9.3
Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute
30-10-2012 - 23:03 18-09-2008 - 13:59
CVE-2008-3660 5.0
PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php.
30-10-2012 - 23:01 14-08-2008 - 20:41
CVE-2008-2712 9.3
Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3)
30-10-2012 - 22:58 16-06-2008 - 17:41
CVE-2008-2383 9.3
CRLF injection vulnerability in xterm allows user-assisted attackers to execute arbitrary commands via LF (aka \n) characters surrounding a command name within a Device Control Request Status String (DECRQSS) escape sequence in a text file, a related
30-10-2012 - 22:57 02-01-2009 - 13:11
CVE-2008-2327 6.8
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file,
30-10-2012 - 22:57 27-08-2008 - 16:41
CVE-2008-2238 9.3
Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow.
30-10-2012 - 22:57 30-10-2008 - 16:00
CVE-2008-2237 9.3
Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document.
30-10-2012 - 22:57 30-10-2008 - 16:00
CVE-2008-2108 7.5
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy a
30-10-2012 - 22:56 07-05-2008 - 17:20
CVE-2008-2107 7.5
The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 32-bit systems, performs a multiplication using values that can produce a zero seed in rare circumstances, which allows context-dependent attackers to predict subse
30-10-2012 - 22:56 07-05-2008 - 17:20
CVE-2008-1767 7.5
Buffer overflow in pattern.c in libxslt before 1.1.24 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XSL style sheet file with a long XSLT "transformation match" condition that trigg
30-10-2012 - 22:55 23-05-2008 - 11:32
CVE-2008-0017 9.3
The http-index-format MIME type parser (nsDirIndexParser) in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check for an allocation failure, which allows remote attackers to cause a denial of service (
30-10-2012 - 22:50 13-11-2008 - 06:30
CVE-2007-5846 7.8
The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.
30-10-2012 - 22:46 06-11-2007 - 16:46
CVE-2007-5497 5.8
Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image.
30-10-2012 - 22:45 07-12-2007 - 06:46
CVE-2007-3820 2.6
konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
30-10-2012 - 22:39 16-07-2007 - 21:30
CVE-2007-3799 4.3
The session_start function in ext/session in PHP 4.x up to 4.4.7 and 5.x up to 5.2.3 allows remote attackers to insert arbitrary attributes into the session cookie via special characters in a cookie that is obtained from (1) PATH_INFO, (2) the sessio
30-10-2012 - 22:39 16-07-2007 - 18:30
CVE-2007-3780 5.0
MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
30-10-2012 - 22:39 15-07-2007 - 18:30
CVE-2007-3656 6.8
Mozilla Firefox before 1.8.0.13 and 1.8.1.x before 1.8.1.5 does not perform a security zone check when processing a wyciwyg URI, which allows remote attackers to obtain sensitive information, poison the browser cache, and possibly enable further atta
30-10-2012 - 22:39 10-07-2007 - 15:30
CVE-2007-3476 4.3
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index values in crafted image data, which results in a se
30-10-2012 - 22:38 28-06-2007 - 14:30
CVE-2007-3473 4.3
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCreate failure.
30-10-2012 - 22:38 28-06-2007 - 14:30
CVE-2007-3472 4.3
Integer overflow in gdImageCreateTrueColor function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to have unspecified attack vectors and impact.
30-10-2012 - 22:38 28-06-2007 - 14:30
CVE-2007-3409 4.3
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop.
30-10-2012 - 22:38 26-06-2007 - 14:30
CVE-2007-3393 5.0
Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets.
30-10-2012 - 22:38 25-06-2007 - 20:30
CVE-2007-3391 7.8
Wireshark 0.99.5 allows remote attackers to cause a denial of service (memory consumption) via a malformed DCP ETSI packet that triggers an infinite loop.
30-10-2012 - 22:38 25-06-2007 - 20:30
CVE-2007-3390 5.0
Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers to cause a denial of service (crash) via crafted iSeries capture files that trigger a SIGTRAP.
30-10-2012 - 22:38 25-06-2007 - 20:30
CVE-2007-3389 5.0
Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.
30-10-2012 - 22:38 25-06-2007 - 20:30
CVE-2007-3377 4.3
Header.pm in Net::DNS before 0.60, a Perl module, (1) generates predictable sequence IDs with a fixed increment and (2) can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as
30-10-2012 - 22:38 25-06-2007 - 17:30
CVE-2007-3304 4.7
Apache httpd 1.3.37, 2.0.59, and 2.2.4 with the Prefork MPM module, allows local users to cause a denial of service by modifying the worker_score and process_score arrays to reference an arbitrary process ID, which is sent a SIGUSR1 signal from the m
30-10-2012 - 22:38 20-06-2007 - 18:30
CVE-2007-3257 6.8
Camel (camel-imap-folder.c) in the mailer component for Evolution Data Server 1.11 allows remote IMAP servers to execute arbitrary code via a negative SEQUENCE value in GData, which is used as an array index.
30-10-2012 - 22:38 19-06-2007 - 12:30
CVE-2007-2953 6.8
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, relat
30-10-2012 - 22:36 31-07-2007 - 06:17
CVE-2007-2876 6.1
The sctp_new function in (1) ip_conntrack_proto_sctp.c and (2) nf_conntrack_proto_sctp.c in Netfilter in Linux kernel 2.6 before 2.6.20.13, and 2.6.21.x before 2.6.21.4, allows remote attackers to cause a denial of service by causing certain invalid
30-10-2012 - 22:36 11-06-2007 - 19:30
CVE-2007-2872 6.8
Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 and PHP 4 before 4.4.8 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.
30-10-2012 - 22:36 04-06-2007 - 13:30
CVE-2007-2799 5.1
Integer overflow in the "file" program 4.20, when running on 32-bit systems, as used in products including The Sleuth Kit, might allow user-assisted attackers to execute arbitrary code via a large file that triggers an overflow that bypasses an asser
30-10-2012 - 22:36 23-05-2007 - 17:30
CVE-2007-2798 7.4
Stack-based buffer overflow in the rename_principal_2_svc function in kadmind for MIT Kerberos 1.5.3, 1.6.1, and other versions allows remote authenticated users to execute arbitrary code via a crafted request to rename a principal.
30-10-2012 - 22:36 26-06-2007 - 18:30
CVE-2007-2754 6.8
Integer signedness error in truetype/ttgload.c in Freetype 2.3.4 and earlier might allow remote attackers to execute arbitrary code via a crafted TTF image with a negative n_points value, which leads to an integer overflow and heap-based buffer overf
30-10-2012 - 22:36 17-05-2007 - 18:30
CVE-2007-2446 10.0
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notif
30-10-2012 - 22:34 14-05-2007 - 17:19
CVE-2007-2443 7.9
Integer signedness error in the gssrpc__svcauth_unix function in svc_auth_unix.c in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a negative length value.
30-10-2012 - 22:34 26-06-2007 - 18:30
CVE-2007-2442 9.3
The gssrpc__svcauth_gssapi function in the RPC library in MIT Kerberos 5 (krb5) 1.6.1 and earlier might allow remote attackers to execute arbitrary code via a zero-length RPC credential, which causes kadmind to free an uninitialized pointer during cl
30-10-2012 - 22:34 26-06-2007 - 18:30
CVE-2007-1864 7.5
Buffer overflow in the bundled libxmlrpc library in PHP before 4.4.7, and 5.x before 5.2.2, has unknown impact and remote attack vectors.
30-10-2012 - 22:32 08-05-2007 - 20:19
CVE-2007-1863 5.0
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with
30-10-2012 - 22:32 27-06-2007 - 13:30
CVE-2007-0245 9.3
Heap-based buffer overflow in OpenOffice.org (OOo) 2.2.1 and earlier allows remote attackers to execute arbitrary code via a RTF file with a crafted prtdata tag with a length parameter inconsistency, which causes vtable entries to be overwritten.
30-10-2012 - 22:27 12-06-2007 - 17:30
CVE-2006-4168 6.8
Integer overflow in the exif_data_load_data_entry function in libexif/exif-data.c in Libexif before 0.6.16 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via an image with many EXIF components, whic
30-10-2012 - 22:15 14-06-2007 - 15:30
CVE-2008-4309 5.0
Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK req
29-10-2012 - 23:17 31-10-2008 - 16:29
CVE-2008-4210 4.6
fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspec
29-10-2012 - 23:16 29-09-2008 - 13:17
CVE-2008-4070 10.0
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to
29-10-2012 - 23:16 27-09-2008 - 06:30
CVE-2008-4068 7.8
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass "restrictions imposed on local HTML files," and obtain sensitive inf
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4067 4.3
Directory traversal vulnerability in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 on Linux allows remote attackers to read arbitrary files via a .. (dot dot) and URL-encoded / (slash)
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4066 4.3
Mozilla Firefox 2.0.0.14, and other versions before 2.0.0.17, allows remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via HTML-escaped low surrogate characters that are ignored by the HTML parser, as
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4065 4.3
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to bypass cross-site scripting (XSS) protection mechanisms and conduct XSS attacks via byte order mark (BOM) charact
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4064 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4062 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allow remote attackers to cause a denial of service (memory corruption and application crash) or po
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-4061 10.0
Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash)
29-10-2012 - 23:16 24-09-2008 - 16:37
CVE-2008-3837 9.3
Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted
29-10-2012 - 23:15 24-09-2008 - 16:37
CVE-2008-3835 7.5
The nsXMLDocument::OnChannelRedirect function in Mozilla Firefox before 2.0.0.17, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code via unknown vect
29-10-2012 - 23:15 24-09-2008 - 16:37
CVE-2008-3641 10.0
The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.
29-10-2012 - 23:15 10-10-2008 - 06:30
CVE-2008-3640 6.8
Integer overflow in the WriteProlog function in texttops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via a crafted PostScript file that triggers a heap-based buffer overflow.
29-10-2012 - 23:15 14-10-2008 - 17:10
CVE-2008-3639 7.5
Heap-based buffer overflow in the read_rle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded (RLE) data containing a small image and a large row count.
29-10-2012 - 23:15 14-10-2008 - 17:10
CVE-2008-3528 2.1
The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically prox
29-10-2012 - 23:15 27-09-2008 - 06:30
CVE-2008-3275 4.9
The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) directory, which allows local users to cause a denia
29-10-2012 - 23:14 12-08-2008 - 19:41
CVE-2008-3272 6.6
The snd_seq_oss_synth_make_info function in sound/core/seq/oss/seq_oss_synth.c in the sound subsystem in the Linux kernel before 2.6.27-rc2 does not verify that the device number is within the range defined by max_synthdev before returning certain da
29-10-2012 - 23:14 08-08-2008 - 14:41
CVE-2008-0553 6.8
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
29-10-2012 - 23:06 07-02-2008 - 16:00
CVE-2008-0016 10.0
Stack-based buffer overflow in the URL parsing implementation in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to execute arbitrary code via a crafted UTF-8 URL in a link.
29-10-2012 - 23:04 24-09-2008 - 16:37
CVE-2007-6716 4.7
fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.
29-10-2012 - 23:04 04-09-2008 - 13:41
CVE-2009-3079 10.0
Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.
22-10-2012 - 23:10 10-09-2009 - 17:30
CVE-2009-3078 5.0
Visual truncation vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to trigger a vertical scroll and spoof URLs via unspecified Unicode characters with a tall line-height property.
22-10-2012 - 23:10 10-09-2009 - 17:30
CVE-2009-3077 9.3
Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, does not properly manage pointers for the columns (aka TreeColumns) of a XUL tree element, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to a "dangl
22-10-2012 - 23:10 10-09-2009 - 17:30
CVE-2009-3076 9.3
Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbit
22-10-2012 - 23:10 10-09-2009 - 17:30
CVE-2009-3075 10.0
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.2, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and
22-10-2012 - 23:10 10-09-2009 - 17:30
CVE-2009-3074 10.0
Unspecified vulnerability in the JavaScript engine in Mozilla Firefox before 3.0.14 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
22-10-2012 - 23:10 10-09-2009 - 17:30
CVE-2009-3072 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and ap
22-10-2012 - 23:10 10-09-2009 - 17:30
CVE-2009-3071 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via
22-10-2012 - 23:10 10-09-2009 - 17:30
CVE-2009-3070 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
22-10-2012 - 23:10 10-09-2009 - 17:30
CVE-2009-3026 5.0
protocols/jabber/auth.c in libpurple in Pidgin 2.6.0, and possibly other versions, does not follow the "require TLS/SSL" preference when connecting to older Jabber servers that do not follow the XMPP specification, which causes libpurple to connect t
22-10-2012 - 23:10 31-08-2009 - 16:30
CVE-2009-2694 10.0
The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory
22-10-2012 - 23:09 21-08-2009 - 07:02
CVE-2009-2692 7.2
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in proto_ops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using
22-10-2012 - 23:09 14-08-2009 - 11:16
CVE-2009-2654 5.8
Mozilla Firefox before 3.0.13, and 3.5.x before 3.5.2, allows remote attackers to spoof the address bar, and possibly conduct phishing attacks, via a crafted web page that calls window.open with an invalid character in the URL, makes document.write c
22-10-2012 - 23:09 03-08-2009 - 10:30
CVE-2009-2408 6.8
Mozilla Network Security Services (NSS) before 3.12.3, Firefox before 3.0.13, Thunderbird before 2.0.0.23, and SeaMonkey before 1.1.18 do not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certif
22-10-2012 - 23:08 30-07-2009 - 15:30
CVE-2009-2404 9.3
Heap-based buffer overflow in a regular-expression parser in Mozilla Network Security Services (NSS) before 3.12.3, as used in Firefox, Thunderbird, SeaMonkey, Evolution, Pidgin, and AOL Instant Messenger (AIM), allows remote SSL servers to cause a d
22-10-2012 - 23:08 03-08-2009 - 10:30
CVE-2009-1310 4.3
Cross-site scripting (XSS) vulnerability in the MozSearch plugin implementation in Mozilla Firefox before 3.0.9 allows user-assisted remote attackers to inject arbitrary web script or HTML via a javascript: URI in the SearchForm element.
22-10-2012 - 23:05 22-04-2009 - 14:30
CVE-2012-3977
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-4930. Reason: This candidate is a duplicate of CVE-2012-4930. Notes: All CVE users should reference CVE-2012-4930 instead of this candidate. All references and descriptions in t
09-10-2012 - 07:13 09-10-2012 - 07:13
CVE-2010-0178 7.6
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, does not prevent applets from interpreting mouse clicks as drag-and-drop actions, which allows remote attackers to execute arbitrary JavaScript wit
14-09-2012 - 00:00 05-04-2010 - 13:30
CVE-2008-3141 4.9
Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.
12-09-2012 - 22:30 10-07-2008 - 19:41
CVE-2008-3138 5.0
The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.
12-09-2012 - 22:30 10-07-2008 - 19:41
CVE-2008-3137 4.3
The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
12-09-2012 - 22:30 10-07-2008 - 19:41
CVE-2009-0600 4.3
Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.
13-08-2012 - 22:58 16-02-2009 - 15:30
CVE-2008-4684 4.3
packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling
13-08-2012 - 22:49 22-10-2008 - 14:00
CVE-2008-4683 5.0
The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an err
13-08-2012 - 22:49 22-10-2008 - 14:00
CVE-2008-4682 5.0
wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion.
13-08-2012 - 22:49 22-10-2008 - 14:00
CVE-2008-4681 4.3
Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.
13-08-2012 - 22:49 22-10-2008 - 14:00
CVE-2008-4680 4.3
packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).
13-08-2012 - 22:49 22-10-2008 - 14:00
CVE-2008-3934 3.3
Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
13-08-2012 - 22:47 04-09-2008 - 15:41
CVE-2008-1563 4.3
The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
13-08-2012 - 22:40 31-03-2008 - 18:44
CVE-2008-1562 5.0
The LDAP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet, a different vulnerability than CVE-2006-5740.
13-08-2012 - 22:40 31-03-2008 - 18:44
CVE-2008-1561 5.0
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) 0.99.5 through 0.99.8 allow remote attackers to cause a denial of service (application crash) via a malformed packet to the (1) X.509sat or (2) Roofnet dissectors. NOTE: Vector 2
13-08-2012 - 22:40 31-03-2008 - 18:44
CVE-2008-1071 4.3
The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
13-08-2012 - 22:38 28-02-2008 - 17:44
CVE-2008-1070 5.0
The SCTP dissector in Wireshark (formerly Ethereal) 0.99.5 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
13-08-2012 - 22:38 28-02-2008 - 17:44
CVE-2007-6441 3.3
The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms."
13-08-2012 - 22:33 19-12-2007 - 17:46
CVE-2007-6439 6.1
Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite or large loop) via the (1) IPv6 or (2) USB dissector, which can trigger resource consumption or a crash. NOTE: this identifier originally included Fir
13-08-2012 - 22:33 19-12-2007 - 17:46
CVE-2007-6438 5.0
Unspecified vulnerability in the SMB dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service via unknown vectors. NOTE: this identifier originally included MP3 and NCP, but those issues are already cove
13-08-2012 - 22:33 19-12-2007 - 17:46
CVE-2007-6120 5.0
The Bluetooth SDP dissector Wireshark (formerly Ethereal) 0.99.2 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
13-08-2012 - 22:32 23-11-2007 - 15:46
CVE-2007-6119 7.8
The DCP ETSI dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
13-08-2012 - 22:32 23-11-2007 - 15:46
CVE-2007-6116 5.0
The Firebird/Interbase dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (infinite loop or crash) via unknown vectors.
13-08-2012 - 22:32 23-11-2007 - 15:46
CVE-2007-6115 10.0
Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.
13-08-2012 - 22:32 23-11-2007 - 15:46
CVE-2007-6112 10.0
Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
13-08-2012 - 22:32 23-11-2007 - 15:46
CVE-2007-0459 5.0
packet-tcp.c in the TCP dissector in Wireshark (formerly Ethereal) 0.99.2 through 0.99.4 allows remote attackers to cause a denial of service (application crash or hang) via fragmented HTTP packets.
13-08-2012 - 22:14 02-02-2007 - 15:28
CVE-2007-0458 4.3
Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.
13-08-2012 - 22:14 02-02-2007 - 15:28
CVE-2007-0456 4.3
Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
13-08-2012 - 22:14 02-02-2007 - 15:28
CVE-2009-3048 4.3
Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file."
07-06-2012 - 11:46 02-09-2009 - 13:30
CVE-2009-1180 6.8
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file that triggers a free of invalid data.
20-04-2012 - 00:00 23-04-2009 - 13:30
CVE-2009-1630 4.4
The nfs_permission function in fs/nfs/dir.c in the NFS client implementation in the Linux kernel 2.6.29.3 and earlier, when atomic_open is available, does not check execute (aka EXEC or MAY_EXEC) permission bits, which allows local users to bypass pe
12-04-2012 - 00:00 14-05-2009 - 13:30
CVE-2009-0676 2.1
The sock_getsockopt function in net/core/sock.c in the Linux kernel before 2.6.28.6 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel memory via an SO_BSDCOMPAT getsockopt
12-04-2012 - 00:00 22-02-2009 - 17:30
CVE-2009-1698 9.3
WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which a
30-03-2012 - 00:00 10-06-2009 - 14:00
CVE-2009-1633 7.1
Multiple buffer overflows in the cifs subsystem in the Linux kernel before 2.6.29.4 allow remote CIFS servers to cause a denial of service (memory corruption) and possibly have unspecified other impact via (1) a malformed Unicode string, related to U
23-03-2012 - 00:00 28-05-2009 - 16:30
CVE-2010-1437 1.9
Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2.6.34-rc5 and earlier allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact v
19-03-2012 - 00:00 07-05-2010 - 14:30
CVE-2010-1173 7.1
The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invali
19-03-2012 - 00:00 07-05-2010 - 14:30
CVE-2010-1086 7.8
The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Point
19-03-2012 - 00:00 06-04-2010 - 18:30
CVE-2010-1085 7.1
The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on the AMD780V chip set, allows context-dependent attackers to cause a denial of service (crash) via unknown manipulations that trigger a divide-by-zero
19-03-2012 - 00:00 06-04-2010 - 18:30
CVE-2010-0307 4.7
The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 platform does not ensure that the ELF interpreter is available before a call to the SET_PERSONALITY macro, which allows local users to cause a denial of
19-03-2012 - 00:00 17-02-2010 - 13:30
CVE-2010-0008 7.8
The sctp_rcv_ootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remote attackers to cause a denial of service (infinite loop) via (1) an Out Of The Blue (OOTB) chunk or (2) a chunk of zero length.
19-03-2012 - 00:00 19-03-2010 - 15:30
CVE-2010-0007 2.1
net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access r
19-03-2012 - 00:00 19-01-2010 - 11:30
CVE-2010-0003 5.4
The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 platform, when print-fatal-signals is enabled, allows local users to discover the contents of arbitrary memory locations by jumping to an address and t
19-03-2012 - 00:00 26-01-2010 - 13:30
CVE-2009-4538 10.0
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a r
19-03-2012 - 00:00 12-01-2010 - 12:30
CVE-2009-4537 7.8
drivers/net/r8169.c in the r8169 driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to (1) cause a denial of service (temporary network outage) via
19-03-2012 - 00:00 12-01-2010 - 12:30
CVE-2009-4536 7.8
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypas
19-03-2012 - 00:00 12-01-2010 - 12:30
CVE-2009-4020 7.8
Stack-based buffer overflow in the hfs subsystem in the Linux kernel 2.6.32 allows remote attackers to have an unspecified impact via a crafted Hierarchical File System (HFS) filesystem, related to the hfs_readdir function in fs/hfs/dir.c.
19-03-2012 - 00:00 04-12-2009 - 16:30
CVE-2009-3939 6.6
The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file.
19-03-2012 - 00:00 16-11-2009 - 14:30
CVE-2009-3889 6.6
The dbg_lvl file for the megaraid_sas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the (1) behavior and (2) logging level of the driver by modifying this file.
19-03-2012 - 00:00 16-11-2009 - 14:30
CVE-2009-3726 7.8
The nfs4_proc_lock function in fs/nfs/nfs4proc.c in the NFSv4 client in the Linux kernel before 2.6.31-rc4 allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) by sending a certain response containing incorrect
19-03-2012 - 00:00 09-11-2009 - 14:30
CVE-2009-3621 4.9
net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing
19-03-2012 - 00:00 22-10-2009 - 12:00
CVE-2009-3620 4.9
The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash
19-03-2012 - 00:00 22-10-2009 - 12:00
CVE-2009-3613 7.8
The swiotlb functionality in the r8169 driver in drivers/net/r8169.c in the Linux kernel before 2.6.27.22 allows remote attackers to cause a denial of service (IOMMU space exhaustion and system crash) by using jumbo frames for a large amount of netwo
19-03-2012 - 00:00 19-10-2009 - 16:00
CVE-2009-3612 4.9
The tcf_fill_node function in net/sched/cls_api.c in the netlink subsystem in the Linux kernel 2.6.x before 2.6.32-rc5, and 2.4.37.6 and earlier, does not initialize a certain tcm__pad2 structure member, which might allow local users to obtain sensit
19-03-2012 - 00:00 19-10-2009 - 16:00
CVE-2009-3238 7.8
The get_random_int function in drivers/char/random.c in the Linux kernel before 2.6.30 produces insufficiently random numbers, which allows attackers to predict the return value, and possibly defeat protection mechanisms based on randomization, via v
19-03-2012 - 00:00 18-09-2009 - 06:30
CVE-2009-3228 4.9
The tc_fill_tclass function in net/sched/sch_api.c in the tc subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.31-rc9 does not initialize certain (1) tcm__pad1 and (2) tcm__pad2 structure members, which might allow local users
19-03-2012 - 00:00 19-10-2009 - 16:00
CVE-2009-3080 7.2
Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.
19-03-2012 - 00:00 20-11-2009 - 12:30
CVE-2009-2910 4.9
arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.31.4 on the x86_64 platform does not clear certain kernel registers before a return to user mode, which allows local users to read register values from an earlier process by switching an ia32 p
19-03-2012 - 00:00 20-10-2009 - 13:30
CVE-2009-2698 7.2
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vecto
19-03-2012 - 00:00 27-08-2009 - 13:30
CVE-2009-1439 7.8
Buffer overflow in fs/cifs/connect.c in CIFS in the Linux kernel 2.6.29 and earlier allows remote attackers to cause a denial of service (crash) via a long nativeFileSystem field in a Tree Connect response to an SMB mount request.
19-03-2012 - 00:00 27-04-2009 - 14:00
CVE-2009-1389 7.8
Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux kernel before 2.6.30 allows remote attackers to cause a denial of service (kernel memory corruption and crash) via a long packet.
19-03-2012 - 00:00 16-06-2009 - 19:30
CVE-2009-1385 7.8
Integer underflow in the e1000_clean_rx_irq function in drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet (aka e1000) before 7.5.5 allows remote a
19-03-2012 - 00:00 04-06-2009 - 12:30
CVE-2009-1337 4.4
The exit_notify function in kernel/exit.c in the Linux kernel before 2.6.30-rc1 does not restrict exit signals when the CAP_KILL capability is held, which allows local users to send an arbitrary signal to a process by running a program that modifies
19-03-2012 - 00:00 22-04-2009 - 11:30
CVE-2009-1072 4.9
nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash o
19-03-2012 - 00:00 24-03-2009 - 21:30
CVE-2009-0834 3.6
The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass
19-03-2012 - 00:00 06-03-2009 - 06:30
CVE-2009-0322 4.9
drivers/firmware/dell_rbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service (system crash) via a read system call that specifies zero bytes from the (1) image_type or (2) packet_size
19-03-2012 - 00:00 28-01-2009 - 13:30
CVE-2009-0065 10.0
Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large
19-03-2012 - 00:00 07-01-2009 - 14:30
CVE-2009-0031 4.9
Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."
19-03-2012 - 00:00 20-01-2009 - 21:30
CVE-2008-5700 1.9
libata in the Linux kernel before 2.6.27.9 does not set minimum timeouts for SG_IO requests, which allows local users to cause a denial of service (Programmed I/O mode on drives) via multiple simultaneous invocations of an unspecified test program.
19-03-2012 - 00:00 22-12-2008 - 10:30
CVE-2008-5300 4.9
Linux kernel 2.6.28 allows local users to cause a denial of service ("soft lockup" and process loss) via a large number of sendmsg function calls, which does not block during AF_UNIX garbage collection and triggers an OOM condition, a different vulne
19-03-2012 - 00:00 01-12-2008 - 12:30
CVE-2008-4934 7.8
The hfsplus_block_allocate function in fs/hfsplus/bitmap.c in the Linux kernel before 2.6.28-rc1 does not check a certain return value from the read_mapping_page function before calling kmap, which allows attackers to cause a denial of service (syste
19-03-2012 - 00:00 05-11-2008 - 10:00
CVE-2008-4933 7.8
Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog n
19-03-2012 - 00:00 05-11-2008 - 10:00
CVE-2008-4307 4.0
Race condition in the do_setlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service (crash) via vectors resulting in an interrupted RPC call that leads to a stray FL_POSIX lock, related to improp
19-03-2012 - 00:00 13-01-2009 - 12:00
CVE-2008-2136 7.8
Memory leak in the ipip6_rcv function in net/ipv6/sit.c in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3 allows remote attackers to cause a denial of service (memory consumption) via network traffic to a Simple Internet Transition (SIT
19-03-2012 - 00:00 16-05-2008 - 08:54
CVE-2008-1375 6.9
Race condition in the directory notification subsystem (dnotify) in Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1, allows local users to cause a denial of service (OOPS) and possibly gain privileges via unspecified vectors.
19-03-2012 - 00:00 02-05-2008 - 12:05
CVE-2008-0001 3.6
VFS in the Linux kernel before 2.6.22.16, and 2.6.23.x before 2.6.23.14, performs tests of access mode by using the flag variable instead of the acc_mode variable, which might allow local users to bypass intended permissions and remove directories.
19-03-2012 - 00:00 15-01-2008 - 15:00
CVE-2007-6206 2.1
The do_coredump function in fs/exec.c in Linux kernel 2.4.x and 2.6.x up to 2.6.24-rc3, and possibly other versions, does not change the UID of a core dump file if it exists before a root process creates a core dump in the same location, which might
19-03-2012 - 00:00 03-12-2007 - 19:46
CVE-2007-3740 4.4
The CIFS filesystem in the Linux kernel before 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges.
19-03-2012 - 00:00 13-09-2007 - 21:17
CVE-2011-0076 7.5
Unspecified vulnerability in the Java Embedding Plugin (JEP) in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, on Mac OS X allows remote attackers to bypass intended access restrictions via unknown vectors.
26-01-2012 - 22:56 07-05-2011 - 14:55
CVE-2010-0166 5.1
The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers
26-01-2012 - 22:47 25-03-2010 - 17:00
CVE-2010-0163 4.3
Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a parser that performs casts and line termination incorrectly, which allows remote attackers to cause a denial of service (application crash) or possibly
26-01-2012 - 22:47 22-03-2010 - 20:53
CVE-2009-3609 4.3
Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via
18-01-2012 - 22:41 21-10-2009 - 13:30
CVE-2009-3608 9.3
Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a craf
18-01-2012 - 22:41 21-10-2009 - 13:30
CVE-2009-3606 9.3
Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overf
18-01-2012 - 22:41 21-10-2009 - 13:30
CVE-2009-3604 9.3
The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) o
18-01-2012 - 22:41 21-10-2009 - 13:30
CVE-2009-1188 5.0
Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code
18-01-2012 - 22:37 23-04-2009 - 15:30
CVE-2009-1179 6.8
Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file.
18-01-2012 - 22:37 23-04-2009 - 13:30
CVE-2009-1183 4.3
The JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (infinite loop and hang) via a crafted PDF file.
18-01-2012 - 00:00 23-04-2009 - 13:30
CVE-2009-1182 7.5
Multiple buffer overflows in the JBIG2 MMR decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
18-01-2012 - 00:00 23-04-2009 - 13:30
CVE-2009-1181 4.3
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a NULL pointer dereference.
18-01-2012 - 00:00 23-04-2009 - 13:30
CVE-2009-0800 6.8
Multiple "input validation flaws" in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allow remote attackers to execute arbitrary code via a crafted PDF file.
18-01-2012 - 00:00 23-04-2009 - 13:30
CVE-2009-0799 4.3
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers an out-of-bounds read.
18-01-2012 - 00:00 23-04-2009 - 13:30
CVE-2009-0777 5.8
Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 decode invisible characters when they are displayed in the location bar, which causes an incorrect address to be displayed and makes it easier for remote attackers
05-01-2012 - 00:00 04-03-2009 - 21:30
CVE-2009-0652 5.8
The Internationalized Domain Names (IDN) blacklist in Mozilla Firefox 3.0.6 and other versions before 3.0.9; Thunderbird before 2.0.0.21; and SeaMonkey before 1.1.15 does not include box-drawing characters, which allows remote attackers to spoof URLs
05-01-2012 - 00:00 20-02-2009 - 14:30
CVE-2009-1210 10.0
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details ar
29-12-2011 - 00:00 01-04-2009 - 06:30
CVE-2010-0734 6.8
content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restrict the amount of callback data sent to an application that requests automatic decompression, which might allow remote attackers to cause a denial of se
29-10-2011 - 23:24 19-03-2010 - 15:30
CVE-2009-2417 7.5
lib/ssluse.c in cURL and libcurl 7.4 through 7.19.5, when OpenSSL is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof a
29-10-2011 - 23:16 14-08-2009 - 11:16
CVE-2008-0593 4.3
Gecko-based browsers, including Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8, modify the .href property of stylesheet DOM nodes to the final URI of a 302 redirect, which might allow remote attackers to bypass the Same Origin Policy and
18-10-2011 - 00:00 08-02-2008 - 20:00
CVE-2007-5745 6.8
Multiple heap-based buffer overflows in OpenOffice.org before 2.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted (1) Attribute and (2) Font Description record
17-10-2011 - 00:00 17-04-2008 - 15:05
CVE-2007-5393 9.3
Heap-based buffer overflow in the CCITTFaxStream::lookChar method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a PDF file that contains a crafted CCITTFaxDecode filter.
17-10-2011 - 00:00 07-11-2007 - 21:46
CVE-2006-0481 5.0
Heap-based buffer overflow in the alpha strip capability in libpng 1.2.7 allows context-dependent attackers to cause a denial of service (crash) when the png_do_strip_filler function is used to strip alpha channels out of the image.
17-10-2011 - 00:00 31-01-2006 - 13:03
CVE-2008-2952 5.0
liblber/io.c in OpenLDAP 2.2.4 to 2.4.10 allows remote attackers to cause a denial of service (program termination) via crafted ASN.1 BER datagrams that trigger an assertion error.
11-10-2011 - 00:00 01-07-2008 - 17:41
CVE-2008-2726 7.8
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2; and (2) the rb_ary_replace function in 1.6.x allows context-dependent at
11-10-2011 - 00:00 24-06-2008 - 15:41
CVE-2007-5747 6.8
Integer underflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Quattro Pro (QPRO) file with crafted values that trigger an excessive loop and a stack-based buffer
11-10-2011 - 00:00 17-04-2008 - 15:05
CVE-2007-3106 6.8
lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_0 and (2) blocksize_1 values, which trigger a "heap
11-10-2011 - 00:00 26-07-2007 - 17:30
CVE-2007-2834 9.3
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which
11-10-2011 - 00:00 18-09-2007 - 17:17
CVE-2007-1536 9.3
Integer underflow in the file_printf function in the "file" program before 4.20 allows user-assisted attackers to execute arbitrary code via a file that triggers a heap-based buffer overflow.
11-10-2011 - 00:00 20-03-2007 - 16:19
CVE-2007-0537 2.6
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags withi
11-10-2011 - 00:00 29-01-2007 - 11:28
CVE-2007-2525 4.9
Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN
03-10-2011 - 00:00 08-05-2007 - 19:19
CVE-2009-0565 9.3
Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Forma
21-09-2011 - 23:06 10-06-2009 - 14:00
CVE-2006-1729 4.3
Mozilla Firefox 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to read arbitrary files by (1) inserting the target filename into a text box, then turning that box into a file
21-09-2011 - 00:00 14-04-2006 - 06:02
CVE-2008-0591 4.3
Mozilla Firefox before 2.0.0.12 and Thunderbird before 2.0.0.12 does not properly manage a delay timer used in confirmation dialogs, which might allow remote attackers to trick users into confirming an unsafe action, such as remote file execution, by
20-09-2011 - 00:00 08-02-2008 - 19:00
CVE-2007-1095 6.8
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 do not properly implement JavaScript onUnload handlers, which allows remote attackers to run certain JavaScript code and access the location DOM hierarchy in the context of the next web site t
20-09-2011 - 00:00 26-02-2007 - 12:28
CVE-2007-0994 6.8
A regression error in Mozilla Firefox 2.x before 2.0.0.2 and 1.x before 1.5.0.10, and SeaMonkey 1.1 before 1.1.1 and 1.0 before 1.0.8, allows remote attackers to execute arbitrary JavaScript as the user via an HTML mail message with a javascript: URI
20-09-2011 - 00:00 05-03-2007 - 19:19
CVE-2007-0906 7.5
Multiple buffer overflows in PHP before 5.2.1 allow attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors in the (1) session, (2) zip, (3) imap, and (4) sqlite extensions; (5) stream filters; and the (6) s
20-09-2011 - 00:00 13-02-2007 - 18:28
CVE-2009-1889 5.0
The OSCAR protocol implementation in Pidgin before 2.5.8 misinterprets the ICQWebMessage message type as the ICQSMS message type, which allows remote attackers to cause a denial of service (application crash) via a crafted ICQ web message that trigge
14-09-2011 - 23:03 01-07-2009 - 09:00
CVE-2006-0208 2.6
Multiple cross-site scripting (XSS) vulnerabilities in PHP 4.4.1 and 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are i
13-09-2011 - 00:00 13-01-2006 - 18:03
CVE-2009-0358 3.3
Mozilla Firefox 3.x before 3.0.6 does not properly implement the (1) no-store and (2) no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the (a) back button or (b) history list of the victim's browser
12-09-2011 - 23:00 04-02-2009 - 14:30
CVE-2009-0357 5.0
Mozilla Firefox before 3.0.6 and SeaMonkey before 1.1.15 do not properly restrict access from web pages to the (1) Set-Cookie and (2) Set-Cookie2 HTTP response headers, which allows remote attackers to obtain sensitive information from cookies via XM
12-09-2011 - 23:00 04-02-2009 - 14:30
CVE-2009-0356 5.1
Mozilla Firefox before 3.0.6 and SeaMonkey do not block links to the (1) about:plugins and (2) about:config URIs from .desktop files, which allows user-assisted remote attackers to bypass the Same Origin Policy and execute arbitrary code with chrome
12-09-2011 - 23:00 04-02-2009 - 14:30
CVE-2009-0355 5.4
components/sessionstore/src/nsSessionStore.js in Mozilla Firefox before 3.0.6 does not block changes of INPUT elements to type="file" during tab restoration, which allows user-assisted remote attackers to read arbitrary files on a client machine via
12-09-2011 - 23:00 04-02-2009 - 14:30
CVE-2009-0354 2.6
Cross-domain vulnerability in js/src/jsobj.cpp in Mozilla Firefox 3.x before 3.0.6 allows remote attackers to bypass the Same Origin Policy, and access the properties of an arbitrary window and conduct cross-site scripting (XSS) attacks, via vectors
12-09-2011 - 23:00 04-02-2009 - 14:30
CVE-2009-0353 10.0
Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code
12-09-2011 - 23:00 04-02-2009 - 14:30
CVE-2009-0352 10.0
Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbit
12-09-2011 - 23:00 04-02-2009 - 14:30
CVE-2007-1667 9.3
Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive inf
09-09-2011 - 00:00 24-03-2007 - 17:19
CVE-2007-1001 6.8
Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP)
08-09-2011 - 00:00 05-04-2007 - 20:19
CVE-2006-3630 7.5
Multiple off-by-one errors in Wireshark (aka Ethereal) 0.9.7 to 0.99.0 have unknown impact and remote attack vectors via the (1) NCP NMAS and (2) NDPS dissectors.
08-09-2011 - 00:00 21-07-2006 - 10:03
CVE-2009-4212 10.0
Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly
06-09-2011 - 23:03 13-01-2010 - 14:30
CVE-2009-3292 7.5
Unspecified vulnerability in PHP before 5.2.11, and 5.3.x before 5.3.1, has unknown impact and attack vectors related to "missing sanity checks around exif processing."
06-09-2011 - 23:02 22-09-2009 - 06:30
CVE-2009-3291 7.5
The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates.
06-09-2011 - 23:02 22-09-2009 - 06:30
CVE-2009-1891 7.1
The mod_deflate module in Apache httpd 2.2.11 and earlier compresses large files until completion even after the associated network connection is closed, which allows remote attackers to cause a denial of service (CPU consumption).
06-09-2011 - 22:59 10-07-2009 - 11:30
CVE-2009-0846 10.0
The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code
06-09-2011 - 22:57 08-04-2009 - 20:30
CVE-2008-0948 9.3
Buffer overflow in the RPC library (lib/rpc/rpc_dtablesize.c) used by libgssrpc and kadmind in MIT Kerberos 5 (krb5) 1.2.2, and probably other versions before 1.3, when running on systems whose unistd.h does not define the FD_SETSIZE macro, allows re
06-09-2011 - 22:43 18-03-2008 - 20:44
CVE-2008-0062 9.3
KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted messages that trigger a NULL pointer derefe
06-09-2011 - 22:41 19-03-2008 - 06:44
CVE-2008-0005 4.3
mod_proxy_ftp in Apache 2.2.x before 2.2.7-dev, 2.0.x before 2.0.62-dev, and 1.3.x before 1.3.40-dev does not define a charset, which allows remote attackers to conduct cross-site scripting (XSS) attacks using UTF-7 encoding.
06-09-2011 - 22:41 11-01-2008 - 19:46
CVE-2009-2562 5.0
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors.
01-09-2011 - 00:00 21-07-2009 - 13:30
CVE-2007-5969 7.1
MySQL Community Server 5.0.x before 5.0.51, Enterprise Server 5.0.x before 5.0.52, Server 5.1.x before 5.1.23, and Server 6.0.x before 6.0.4, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows
01-09-2011 - 00:00 10-12-2007 - 14:46
CVE-2007-0775 3.7
Multiple unspecified vulnerabilities in the layout engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allow remote attackers to cause a denial of service (crash) and potentially e
01-09-2011 - 00:00 26-02-2007 - 14:28
CVE-2007-5135 6.8
Off-by-one error in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue wa
29-08-2011 - 00:00 27-09-2007 - 16:17
CVE-2010-2063 7.5
Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c in smbd in Samba 3.0.x before 3.3.13 allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arb
26-08-2011 - 23:40 17-06-2010 - 12:30
CVE-2009-3546 9.3
The _gdGetColors function in gd_gd.c in PHP 5.2.11 and 5.3.x before 5.3.1, and the GD Graphics Library 2.x, does not properly verify a certain colorsTotal structure member, which might allow remote attackers to conduct buffer overflow or buffer over-
25-08-2011 - 00:00 19-10-2009 - 16:00
CVE-2007-5794 4.3
Race condition in nss_ldap, when used in applications that are linked against the pthread library and fork after a call to nss_ldap, might send user data to the wrong process because of improper handling of the LDAP connection. NOTE: this issue was o
10-08-2011 - 00:00 13-11-2007 - 18:46
CVE-2007-4769 6.8
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-boun
10-08-2011 - 00:00 09-01-2008 - 16:46
CVE-2010-2883 9.3
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF documen
04-08-2011 - 00:00 09-09-2010 - 18:00
CVE-2007-0238 9.3
Stack-based buffer overflow in filter\starcalc\scflt.cxx in the StarCalc parser in OpenOffice.org (OOo) Office Suite before 2.2, and 1.x before 1.1.5 Patch, allows user-assisted remote attackers to execute arbitrary code via a document with a long No
28-07-2011 - 00:00 21-03-2007 - 15:19
CVE-2011-1264 4.3
Cross-site scripting (XSS) vulnerability in Active Directory Certificate Services Web Enrollment in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, R2, and R2 SP1 allows remote attackers to inject arbitrary web script or HTML via an unsp
18-07-2011 - 22:44 16-06-2011 - 16:55
CVE-2011-0638 6.9
Microsoft Windows does not properly warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and
18-07-2011 - 22:43 24-01-2011 - 20:00
CVE-2009-4142 4.3
The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks b
18-07-2011 - 22:31 21-12-2009 - 11:30
CVE-2009-4017 5.0
PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service (resource exhaustion), and makes it easier f
18-07-2011 - 22:31 23-11-2009 - 19:30
CVE-2009-2687 4.3
The exif_read_data function in the Exif module in PHP before 5.2.10 allows remote attackers to cause a denial of service (crash) via a malformed JPEG image with invalid offset fields, a different issue than CVE-2005-3353.
18-07-2011 - 22:29 05-08-2009 - 15:30
CVE-2004-0694 6.8
Buffer overflow in LHA 1.14 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors related to "command line processing," a different vulnerability than CVE-2004-0771. NOTE: th
18-07-2011 - 21:19 03-02-2011 - 20:00
CVE-2008-3657 7.5
The dl module in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not check "taintness" of inputs, which allows context-dependent attackers to bypass safe levels and execute dangerous functions by
13-07-2011 - 00:00 12-08-2008 - 21:41
CVE-2007-0720 5.0
The CUPS service on multiple platforms allows remote attackers to cause a denial of service (service hang) via a "partially-negotiated" SSL connection, which prevents other requests from being accepted.
13-07-2011 - 00:00 13-03-2007 - 17:19
CVE-2006-0591 1.2
The crypt_gensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in crypt_blowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a s
13-07-2011 - 00:00 07-02-2006 - 20:02
CVE-2007-5947 4.3
The jar protocol handler in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 retrieves the inner URL regardless of its MIME type, and considers HTML documents within a jar archive to have the same origin as the inner URL, which allows remot
20-06-2011 - 00:00 13-11-2007 - 20:46
CVE-2007-4658 7.5
The money_format function in PHP 5 before 5.2.4, and PHP 4 before 4.4.8, permits multiple (1) %i and (2) %n tokens, which has unknown impact and attack vectors, possibly related to a format string vulnerability.
20-06-2011 - 00:00 04-09-2007 - 18:17
CVE-2007-0908 5.0
The WDDX deserializer in the wddx extension in PHP 5 before 5.2.1 and PHP 4 before 4.4.5 does not properly initialize the key_length variable for a numerical key, which allows context-dependent attackers to read stack memory via a wddxPacket element
06-06-2011 - 00:00 13-02-2007 - 18:28
CVE-2007-0988 4.3
The zend_hash_init function in PHP 5 before 5.2.1 and PHP 4 before 4.4.5, when running on a 64-bit platform, allows context-dependent attackers to cause a denial of service (infinite loop) by unserializing certain integer expressions, which only caus
25-05-2011 - 00:00 20-02-2007 - 12:28
CVE-2008-1686 9.3
Array index vulnerability in Speex 1.1.12 and earlier, as used in libfishsound 0.9.0 and earlier, including Illiminable DirectShow Filters and Annodex Plugins for Firefox, xine-lib before 1.1.12, and many other products, allows remote attackers to ex
19-05-2011 - 00:00 08-04-2008 - 14:05
CVE-2007-0451 4.3
Apache SpamAssassin before 3.1.8 allows remote attackers to cause a denial of service via long URLs in malformed HTML, which triggers "massive memory usage."
18-05-2011 - 00:00 16-02-2007 - 14:28
CVE-2008-2785 9.3
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which all
13-05-2011 - 00:00 19-06-2008 - 17:41
CVE-2008-0053 10.0
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow remote attackers to execute arbitrary code via a crafted HP-GL/2 file.
13-05-2011 - 00:00 18-03-2008 - 19:44
CVE-2006-2199 7.6
Unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x (aka StarOffice) up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice docu
06-05-2011 - 00:00 30-06-2006 - 14:05
CVE-2007-2217 9.3
Kodak Image Viewer in Microsoft Windows 2000 SP4, and in some cases XP SP2 and Server 2003 SP1 and SP2, allows remote attackers to execute arbitrary code via crafted image files that trigger memory corruption, as demonstrated by a certain .tif (TIFF)
29-04-2011 - 00:00 09-10-2007 - 18:17
CVE-2008-0420 9.3
modules/libpr0n/decoders/bmp/nsBMPDecoder.cpp in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 does not properly perform certain calculations related to the mColors table, which allows remote attackers to re
12-04-2011 - 00:00 11-02-2008 - 22:00
CVE-2007-2022 6.8
Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet.
07-04-2011 - 00:00 13-04-2007 - 14:19
CVE-2007-1995 6.3
bgpd/bgp_attr.c in Quagga 0.98.6 and earlier, and 0.99.6 and earlier 0.99 versions, does not validate length values in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes, which allows remote attackers to cause a denial of service (daemon crash or exit)
31-03-2011 - 00:00 12-04-2007 - 06:19
CVE-2007-6117 5.0
Unspecified vulnerability in the HTTP dissector for Wireshark (formerly Ethereal) 0.10.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted chunked messages.
29-03-2011 - 00:00 23-11-2007 - 15:46
CVE-2008-3146 10.0
Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid
15-03-2011 - 00:00 02-09-2008 - 10:24
CVE-2007-2027 4.4
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 allows local users to cause Elinks to use an untrusted gettext message catalog (.po file) in a "../po" directory, which can be l
10-03-2011 - 00:00 13-04-2007 - 14:19
CVE-2007-0910 10.0
Unspecified vulnerability in PHP before 5.2.1 allows attackers to "clobber" certain super-global variables via unspecified vectors.
10-03-2011 - 00:00 13-02-2007 - 18:28
CVE-2007-6113 4.3
Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.
09-03-2011 - 00:00 23-11-2007 - 15:46
CVE-2009-2563 7.1
Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
07-03-2011 - 22:22 21-07-2009 - 13:30
CVE-2009-0397 9.3
Heap-based buffer overflow in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11, and GStreamer Plug-ins (aka gstreamer-plugins) 0.8.5, might allow remote attackers to
07-03-2011 - 22:18 03-02-2009 - 06:30
CVE-2008-5557 10.0
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent attackers to execute arbitrary code via a crafted string containing an HTML entity, which is n
07-03-2011 - 22:14 23-12-2008 - 13:30
CVE-2008-5285 5.0
Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.
07-03-2011 - 22:14 01-12-2008 - 10:30
CVE-2008-5052 10.0
The AppendAttributeValue function in the JavaScript engine in Mozilla Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) via unknown vectors that
07-03-2011 - 22:13 13-11-2008 - 06:30
CVE-2008-4685 5.0
Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that tr
07-03-2011 - 22:12 22-10-2008 - 14:00
CVE-2008-4226 10.0
Integer overflow in the xmlSAX2Characters function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a large XML document.
07-03-2011 - 22:12 25-11-2008 - 18:30
CVE-2008-4225 7.8
Integer overflow in the xmlBufferResize function in libxml2 2.7.2 allows context-dependent attackers to cause a denial of service (infinite loop) via a large XML document.
07-03-2011 - 22:12 25-11-2008 - 18:30
CVE-2008-3933 3.3
Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.
07-03-2011 - 22:11 04-09-2008 - 15:41
CVE-2008-3932 5.0
Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.
07-03-2011 - 22:11 04-09-2008 - 15:41
CVE-2008-3916 9.3
Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special pr
07-03-2011 - 22:11 04-09-2008 - 14:41
CVE-2008-3905 5.8
resolv.rb in Ruby 1.8.5 and earlier, 1.8.6 before 1.8.6-p287, 1.8.7 before 1.8.7-p72, and 1.9 r18423 and earlier uses sequential transaction IDs and constant source ports for DNS requests, which makes it easier for remote attackers to spoof DNS respo
07-03-2011 - 22:11 04-09-2008 - 13:41
CVE-2008-3790 5.0
The REXML module in Ruby 1.8.6 through 1.8.6-p287, 1.8.7 through 1.8.7-p72, and 1.9 allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML document with recursively nested entities, aka an "XML entity explosion."
07-03-2011 - 22:11 27-08-2008 - 16:41
CVE-2008-3656 7.8
Algorithmic complexity vulnerability in the WEBrick::HTTPUtils.split_header_value function in WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows con
07-03-2011 - 22:11 12-08-2008 - 21:41
CVE-2008-3652 7.8
src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
07-03-2011 - 22:11 12-08-2008 - 21:41
CVE-2008-3651 4.0
Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.
07-03-2011 - 22:11 12-08-2008 - 21:41
CVE-2008-3529 10.0
Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.
07-03-2011 - 22:10 12-09-2008 - 12:56
CVE-2008-3281 4.3
libxml2 2.6.32 and earlier does not properly detect recursion during entity expansion in an attribute value, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document.
07-03-2011 - 22:10 27-08-2008 - 16:41
CVE-2008-3145 5.0
The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buf
07-03-2011 - 22:10 16-07-2008 - 14:41
CVE-2008-3144 5.0
Multiple integer overflows in the PyOS_vsnprintf function in Python/mysnprintf.c in Python 2.5.2 and earlier allow context-dependent attackers to cause a denial of service (memory corruption) or have unspecified other impact via crafted input to stri
07-03-2011 - 22:10 01-08-2008 - 10:41
CVE-2008-3143 7.5
Multiple integer overflows in Python before 2.5.2 might allow context-dependent attackers to have an unknown impact via vectors related to (1) Include/pymem.h; (2) _csv.c, (3) _struct.c, (4) arraymodule.c, (5) audioop.c, (6) binascii.c, (7) cPickle.c
07-03-2011 - 22:10 01-08-2008 - 10:41
CVE-2008-3142 7.5
Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicod
07-03-2011 - 22:10 01-08-2008 - 10:41
CVE-2008-2935 7.5
Multiple heap-based buffer overflows in the rc4 (1) encryption (aka exsltCryptoRc4EncryptFunction) and (2) decryption (aka exsltCryptoRc4DecryptFunction) functions in crypto.c in libexslt in libxslt 1.1.8 through 1.1.24 allow context-dependent attack
07-03-2011 - 22:09 01-08-2008 - 10:41
CVE-2008-2711 4.3
fetchmail 6.3.8 and earlier, when running in -v -v (aka verbose) mode, allows remote attackers to cause a denial of service (crash and persistent mail failure) via a malformed mail message with long headers, which triggers an erroneous dereference wh
07-03-2011 - 22:09 16-06-2008 - 17:41
CVE-2008-2664 7.8
The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related t
07-03-2011 - 22:09 24-06-2008 - 15:41
CVE-2008-2663 10.0
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service v
07-03-2011 - 22:09 24-06-2008 - 15:41
CVE-2008-2662 10.0
Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or
07-03-2011 - 22:09 24-06-2008 - 15:41
CVE-2008-2379 4.3
Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message.
07-03-2011 - 22:09 04-12-2008 - 19:30
CVE-2008-2376 7.5
Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (
07-03-2011 - 22:09 08-07-2008 - 20:41
CVE-2008-2315 7.5
Multiple integer overflows in Python 2.5.2 and earlier allow context-dependent attackers to have an unknown impact via vectors related to the (1) stringobject, (2) unicodeobject, (3) bufferobject, (4) longobject, (5) tupleobject, (6) stropmodule, (7)
07-03-2011 - 22:08 01-08-2008 - 10:41
CVE-2008-2152 9.3
Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow.
07-03-2011 - 22:08 10-06-2008 - 14:32
CVE-2008-1927 5.0
Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain oper
07-03-2011 - 22:08 24-04-2008 - 01:05
CVE-2008-1801 9.3
Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.
07-03-2011 - 22:07 12-05-2008 - 12:20
CVE-2008-1722 4.3
Multiple integer overflows in (1) filter/image-png.c and (2) filter/image-zoom.c in CUPS 1.3 allow attackers to cause a denial of service (crash) and trigger memory corruption, as demonstrated via a crafted PNG image.
07-03-2011 - 22:07 10-04-2008 - 15:05
CVE-2008-1721 7.5
Integer signedness error in the zlib extension module in Python 2.5.2 and earlier allows remote attackers to execute arbitrary code via a negative signed integer, which triggers insufficient memory allocation and a buffer overflow.
07-03-2011 - 22:07 10-04-2008 - 15:05
CVE-2008-1693 6.8
The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute a
07-03-2011 - 22:07 18-04-2008 - 11:05
CVE-2008-1380 9.3
The JavaScript engine in Mozilla Firefox before 2.0.0.14, Thunderbird before 2.0.0.14, and SeaMonkey before 1.1.10 allows remote attackers to cause a denial of service (garbage collector crash) and possibly have other impacts via a crafted web page.
07-03-2011 - 22:07 17-04-2008 - 15:05
CVE-2008-1373 5.8
Buffer overflow in the gif_read_lzw function in CUPS 1.3.6 allows remote attackers to have an unknown impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.
07-03-2011 - 22:06 03-04-2008 - 20:44
CVE-2008-1372 4.3
bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS GENOME test suite for Archive Formats.
07-03-2011 - 22:06 18-03-2008 - 17:44
CVE-2008-1367 7.5
gcc 4.3.x does not generate a cld instruction while compiling functions used for string manipulation such as memcpy and memmove on x86 and i386, which can prevent the direction flag (DF) from being reset in violation of ABI conventions and cause data
07-03-2011 - 22:06 17-03-2008 - 19:44
CVE-2008-1241 4.3
GUI overlay vulnerability in Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9 allows remote attackers to spoof form elements and redirect user inputs via a borderless XUL pop-up window from a background tab.
07-03-2011 - 22:06 27-03-2008 - 06:44
CVE-2008-1238 5.0
Mozilla Firefox before 2.0.0.13 and SeaMonkey before 1.1.9, when generating the HTTP Referer header, does not list the entire URL when it contains Basic Authentication credentials without a username, which makes it easier for remote attackers to bypa
07-03-2011 - 22:06 27-03-2008 - 06:44
CVE-2008-1145 5.0
Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access a
07-03-2011 - 22:06 04-03-2008 - 18:44
CVE-2008-1105 7.5
Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response.
07-03-2011 - 22:05 29-05-2008 - 12:32
CVE-2008-1072 4.7
The TFTP dissector in Wireshark (formerly Ethereal) 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service (crash or memory consumption) via a malformed packet, possibly related to a Cairo library bug.
07-03-2011 - 22:05 28-02-2008 - 17:44
CVE-2008-0658 4.0
slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698.
07-03-2011 - 22:05 13-02-2008 - 16:00
CVE-2008-0592 4.3
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows user-assisted remote attackers to cause a denial of service via a plain .txt file with a "Content-Disposition: attachment" and an invalid "Content-Type: plain/text," which prevents Fir
07-03-2011 - 22:04 08-02-2008 - 19:00
CVE-2008-0417 4.3
CRLF injection vulnerability in Mozilla Firefox before 2.0.0.12 allows remote user-assisted web sites to corrupt the user's password store via newlines that are not properly handled when the user saves a password.
07-03-2011 - 22:04 08-02-2008 - 17:00
CVE-2008-0415 4.3
Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to execute script outside of the sandbox and conduct cross-site scripting (XSS) attacks via multiple vectors including the XMLDocument.lo
07-03-2011 - 22:04 08-02-2008 - 17:00
CVE-2008-0413 9.3
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service (crash) and possibly trigger memory corruption via (1) a large switch statement, (2
07-03-2011 - 22:04 08-02-2008 - 17:00
CVE-2008-0411 6.8
Stack-based buffer overflow in the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier allows remote attackers to execute arbitrary code via a postscript (.ps) file containing a long Range array in a .seticcspace operator.
07-03-2011 - 22:04 28-02-2008 - 16:44
CVE-2008-0304 7.5
Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.12 and SeaMonkey before 1.1.8 might allow remote attackers to execute arbitrary code via a crafted external-body MIME type in an e-mail message, related to an incorrect memory allocation
07-03-2011 - 22:04 29-02-2008 - 14:44
CVE-2008-0007 7.2
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
07-03-2011 - 22:03 07-02-2008 - 21:00
CVE-2007-6694 7.8
The chrp_show_cpuinfo function (chrp/setup.c) in Linux kernel 2.4.21 through 2.6.18-53, when running on PowerPC, might allow local users to cause a denial of service (crash) via unknown vectors that cause the of_get_property function to fail, which t
07-03-2011 - 22:03 29-01-2008 - 15:00
CVE-2007-6601 7.2
The DBLink module in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21, when local trust or ident authentication is used, allows remote attackers to gain privileges via unspecified vectors. N
07-03-2011 - 22:03 09-01-2008 - 16:46
CVE-2007-6600 6.5
PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, 7.4 before 7.4.19, and 7.3 before 7.3.21 uses superuser privileges instead of table owner privileges for (1) VACUUM and (2) ANALYZE operations within index functions, and supports (3)
07-03-2011 - 22:03 09-01-2008 - 16:46
CVE-2007-6429 9.3
Multiple integer overflows in X.Org Xserver before 1.4.1 allow context-dependent attackers to execute arbitrary code via (1) a GetVisualInfo request containing a 32-bit value that is improperly used to calculate an amount of memory for allocation by
07-03-2011 - 22:02 18-01-2008 - 18:00
CVE-2007-6427 9.3
The XInput extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via requests related to byte swapping and heap corruption within multiple functions, a different vulnerability than CVE-2007-4990.
07-03-2011 - 22:02 18-01-2008 - 18:00
CVE-2007-6284 5.0
The xmlCurrentChar function in libxml2 before 2.6.31 allows context-dependent attackers to cause a denial of service (infinite loop) via XML containing invalid UTF-8 sequences.
07-03-2011 - 22:02 11-01-2008 - 21:46
CVE-2007-6121 5.0
Wireshark (formerly Ethereal) 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service (crash) via a malformed RPC Portmap packet.
07-03-2011 - 22:01 23-11-2007 - 15:46
CVE-2007-6118 7.8
The MEGACO dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (long loop and resource consumption) via unknown vectors.
07-03-2011 - 22:01 23-11-2007 - 15:46
CVE-2007-6114 10.0
Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace
07-03-2011 - 22:01 23-11-2007 - 15:46
CVE-2007-6111 7.1
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow remote attackers to cause a denial of service (crash) via (1) a crafted MP3 file or (2) unspecified vectors to the NCP dissector.
07-03-2011 - 22:01 23-11-2007 - 15:46
CVE-2007-6110 4.3
Cross-site scripting (XSS) vulnerability in htsearch in htdig 3.2.0b6 allows remote attackers to inject arbitrary web script or HTML via the sort parameter.
07-03-2011 - 22:01 23-11-2007 - 15:46
CVE-2007-6063 6.9
Buffer overflow in the isdn_net_setcfg function in isdn_net.c in Linux kernel 2.6.23 allows local users to have an unknown impact via a crafted argument to the isdn_ioctl function.
07-03-2011 - 22:01 20-11-2007 - 19:46
CVE-2007-5971 6.9
Double free vulnerability in the gss_krb5int_make_seal_token_v3 function in lib/gssapi/krb5/k5sealv3.c in MIT Kerberos 5 (krb5) has unknown impact and attack vectors.
07-03-2011 - 22:01 05-12-2007 - 21:46
CVE-2007-5959 9.3
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption.
07-03-2011 - 22:01 26-11-2007 - 18:46
CVE-2007-5958 5.0
X.Org Xserver before 1.4.1 allows local users to determine the existence of arbitrary files via a filename argument in the -sp option to the X program, which produces different error messages depending on whether the filename exists.
07-03-2011 - 22:01 18-01-2008 - 18:00
CVE-2007-5925 4.0
The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, wh
07-03-2011 - 22:01 09-11-2007 - 21:46
CVE-2007-5904 6.8
Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.
07-03-2011 - 22:01 09-11-2007 - 13:46
CVE-2007-5899 4.3
The output_add_rewrite_var function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as
07-03-2011 - 22:01 20-11-2007 - 14:46
CVE-2007-5898 6.4
The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465.
07-03-2011 - 22:01 20-11-2007 - 13:46
CVE-2007-5770 5.0
The (1) Net::ftptls, (2) Net::telnets, (3) Net::imap, (4) Net::pop, and (5) Net::smtp libraries in Ruby 1.8.5 and 1.8.6 do not verify that the commonName (CN) field in a server certificate matches the domain name in a request sent over SSL, which mak
07-03-2011 - 22:01 13-11-2007 - 20:46
CVE-2007-5760 9.3
Array index error in the XFree86-Misc extension in X.Org Xserver before 1.4.1 allows context-dependent attackers to execute arbitrary code via a PassMessage request containing a large array index.
07-03-2011 - 22:01 18-01-2008 - 18:00
CVE-2007-5398 9.3
Stack-based buffer overflow in the reply_netbios_packet function in nmbd/nmbd_packets.c in nmbd in Samba 3.0.0 through 3.0.26a, when operating as a WINS server, allows remote attackers to execute arbitrary code via crafted WINS Name Registration requ
07-03-2011 - 22:00 16-11-2007 - 13:46
CVE-2007-5340 4.3
Multiple vulnerabilities in the Javascript engine in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption.
07-03-2011 - 22:00 21-10-2007 - 15:17
CVE-2007-5339 4.3
Multiple vulnerabilities in Mozilla Firefox before 2.0.0.8, Thunderbird before 2.0.0.8, and SeaMonkey before 1.1.5 allow remote attackers to cause a denial of service (crash) via crafted HTML that triggers memory corruption or assert errors.
07-03-2011 - 22:00 21-10-2007 - 15:17
CVE-2007-5337 4.3
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the tar
07-03-2011 - 22:00 21-10-2007 - 16:17
CVE-2007-5162 4.3
The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier
07-03-2011 - 22:00 01-10-2007 - 01:17
CVE-2007-5116 7.5
Buffer overflow in the polymorphic opcode support in the Regular Expression Engine (regcomp.c) in Perl 5.8 allows context-dependent attackers to execute arbitrary code by switching from byte to Unicode (UTF) characters in a regular expression.
07-03-2011 - 22:00 07-11-2007 - 18:46
CVE-2007-5034 4.3
ELinks before 0.11.3, when sending a POST request for an https URL, appends the body and content headers of the POST request to the CONNECT request in cleartext, which allows remote attackers to sniff sensitive data that would have been protected by
07-03-2011 - 21:59 21-09-2007 - 16:17
CVE-2007-4997 7.1
Integer underflow in the ieee80211_rx function in net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service (crash) via a crafted SKB length value in a runt IEEE 802.11 frame when the IE
07-03-2011 - 21:59 06-11-2007 - 14:46
CVE-2007-4988 6.8
Sign extension error in the ReadDIBImage function in ImageMagick before 6.3.5-9 allows context-dependent attackers to execute arbitrary code via a crafted width value in an image file, which triggers an integer overflow and a heap-based buffer overfl
07-03-2011 - 21:59 24-09-2007 - 18:17
CVE-2007-4986 6.8
Multiple integer overflows in ImageMagick before 6.3.5-9 allow context-dependent attackers to execute arbitrary code via a crafted (1) .dcm, (2) .dib, (3) .xbm, (4) .xcf, or (5) .xwd image file, which triggers a heap-based buffer overflow.
07-03-2011 - 21:59 24-09-2007 - 18:17
CVE-2007-4985 4.3
ImageMagick before 6.3.5-9 allows context-dependent attackers to cause a denial of service via a crafted image file that triggers (1) an infinite loop in the ReadDCMImage function, related to ReadBlobByte function calls; or (2) an infinite loop in th
07-03-2011 - 21:59 24-09-2007 - 18:17
CVE-2007-4965 5.8
Multiple integer overflows in the imageop module in Python 2.5.1 and earlier allow context-dependent attackers to cause a denial of service (application crash) and possibly obtain sensitive information (memory contents) via crafted arguments to (1) t
07-03-2011 - 21:59 18-09-2007 - 18:17
CVE-2007-4829 6.8
Directory traversal vulnerability in the Archive::Tar Perl module 1.36 and earlier allows user-assisted remote attackers to overwrite arbitrary files via a TAR archive that contains a file whose name is an absolute path or has ".." sequences.
07-03-2011 - 21:59 02-11-2007 - 12:46
CVE-2007-4619 9.3
Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memo
07-03-2011 - 21:58 12-10-2007 - 17:17
CVE-2007-4573 7.2
The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users t
07-03-2011 - 21:58 24-09-2007 - 18:17
CVE-2007-4571 2.1
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does not return the correct write size, which allows local users to obtain sensitive information (kernel memor
07-03-2011 - 21:58 26-09-2007 - 06:17
CVE-2007-4569 6.8
backend/session.c in KDM in KDE 3.3.0 through 3.5.7, when autologin is configured and "shutdown with password" is enabled, allows remote attackers to bypass the password requirement and login to arbitrary accounts via unspecified vectors.
07-03-2011 - 21:58 21-09-2007 - 15:17
CVE-2007-4565 5.0
sink.c in fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.
07-03-2011 - 21:58 27-08-2007 - 21:17
CVE-2007-4465 4.3
Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2.6, when the charset on a server-generated page is not defined, allows remote attackers to inject arbitrary web script or HTML via the P parameter using t
07-03-2011 - 21:58 13-09-2007 - 20:17
CVE-2007-4352 7.6
Array index error in the DCTStream::readProgressiveDataUnit method in xpdf/Stream.cc in Xpdf 3.02pl1, as used in poppler, teTeX, KDE, KOffice, CUPS, and other products, allows remote attackers to trigger memory corruption and execute arbitrary code v
07-03-2011 - 21:58 07-11-2007 - 21:46
CVE-2007-4351 10.0
Off-by-one error in the ippReadIO function in cups/ipp.c in CUPS 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted (1) textWithLanguage or (2) nameWithLanguage Internet Printing Protocol (IPP) tag, leading to a stack-ba
07-03-2011 - 21:58 31-10-2007 - 18:46
CVE-2007-4308 1.9
The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check permissions for ioctls, which might allow local users to cause a denial of service or gain privileges.
07-03-2011 - 21:58 13-08-2007 - 17:17
CVE-2007-4224 4.3
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property.
07-03-2011 - 21:58 08-08-2007 - 17:17
CVE-2007-4138 6.9
The Winbind nss_info extension (nsswitch/idmap_ad.c) in idmap_ad.so in Samba 3.0.25 through 3.0.25c, when the "winbind nss info" option is set to rfc2307 or sfu, grants all local users the privileges of gid 0 when the (1) RFC2307 or (2) Services for
07-03-2011 - 21:57 13-09-2007 - 21:17
CVE-2007-4137 7.5
Off-by-one error in the QUtf8Decoder::toUnicode function in Trolltech Qt 3 allows context-dependent attackers to cause a denial of service (crash) via a crafted Unicode string that triggers a heap-based buffer overflow. NOTE: Qt 4 has the same error
07-03-2011 - 21:57 18-09-2007 - 15:17
CVE-2007-4131 6.8
Directory traversal vulnerability in the contains_dot_dot function in src/names.c in GNU tar allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
07-03-2011 - 21:57 24-08-2007 - 20:17
CVE-2007-4029 6.8
libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service via (1) an invalid mapping type, which triggers an out-of-bounds read in the vorbis_info_clear function in info.c, and (2) inva
07-03-2011 - 21:57 26-07-2007 - 18:30
CVE-2007-3998 5.0
The wordwrap function in PHP 4 before 4.4.8, and PHP 5 before 5.2.4, does not properly use the breakcharlen variable, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash, or infinite loop) via certai
07-03-2011 - 21:57 04-09-2007 - 14:17
CVE-2007-3996 6.8
Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a la
07-03-2011 - 21:57 04-09-2007 - 14:17
CVE-2007-3844 4.3
Mozilla Firefox 2.0.0.5, Thunderbird 2.0.0.5 and before 1.5.0.13, and SeaMonkey 1.1.3 allows remote attackers to conduct cross-site scripting (XSS) attacks with chrome privileges via an addon that inserts a (1) javascript: or (2) data: link into an a
07-03-2011 - 21:57 07-08-2007 - 21:17
CVE-2007-3738 9.3
Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper.
07-03-2011 - 21:57 18-07-2007 - 13:30
CVE-2007-3737 9.3
Mozilla Firefox before 2.0.0.5 allows remote attackers to execute arbitrary code with chrome privileges by calling an event handler from an unspecified "element outside of a document."
07-03-2011 - 21:57 18-07-2007 - 13:30
CVE-2007-3736 4.3
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 2.0.0.5 allows remote attackers to inject arbitrary web script "into another site's context" via a "timing issue" involving the (1) addEventListener or (2) setTimeout function, probab
07-03-2011 - 21:57 18-07-2007 - 13:30
CVE-2007-3734 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.
07-03-2011 - 21:57 18-07-2007 - 13:30
CVE-2007-3392 5.0
Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop.
07-03-2011 - 21:56 25-06-2007 - 20:30
CVE-2007-3388 6.8
Multiple format string vulnerabilities in (1) qtextedit.cpp, (2) qdatatable.cpp, (3) qsqldatabase.cpp, (4) qsqlindex.cpp, (5) qsqlrecord.cpp, (6) qglobal.cpp, and (7) qsvgdevice.cpp in QTextEdit in Trolltech Qt 3 before 3.3.8 20070727 allow remote at
07-03-2011 - 21:56 03-08-2007 - 16:17
CVE-2007-3278 6.9
PostgreSQL 8.1 and probably later versions, when local trust authentication is enabled and the Database Link library (dblink) is installed, allows remote attackers to access arbitrary accounts and execute arbitrary SQL queries via a dblink host param
07-03-2011 - 21:55 19-06-2007 - 17:30
CVE-2007-3108 1.2
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
07-03-2011 - 21:55 07-08-2007 - 21:17
CVE-2007-2873 1.9
SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 20070611, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is use
07-03-2011 - 21:55 11-06-2007 - 19:30
CVE-2007-2447 6.0
The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to execute arbitrary commands via shell metacharacters involving the (1) SamrChangePassword function, when the "username map script" smb.conf option is enabled,
07-03-2011 - 21:54 14-05-2007 - 17:19
CVE-2007-2292 4.3
CRLF injection vulnerability in the Digest Authentication support for Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allows remote attackers to conduct HTTP request splitting attacks via LF (%0a) bytes in the username attribute.
07-03-2011 - 21:53 26-04-2007 - 16:19
CVE-2007-2138 6.0
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the p
07-03-2011 - 21:53 24-04-2007 - 16:19
CVE-2007-2028 5.0
Memory leak in freeRADIUS 1.1.5 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of EAP-TTLS tunnel connections using malformed Diameter format attributes, which causes the authentication reques
07-03-2011 - 21:53 13-04-2007 - 14:19
CVE-2007-1856 2.1
Vixie Cron before 4.1-r10 on Gentoo Linux is installed with insecure permissions, which allows local users to cause a denial of service (cron failure) by creating hard links, which results in a failed st_nlink check in database.c.
07-03-2011 - 21:53 17-04-2007 - 23:19
CVE-2007-1797 6.8
Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in
07-03-2011 - 21:52 02-04-2007 - 18:19
CVE-2007-1749 9.3
Integer underflow in the CDownloadSink class code in the Vector Markup Language (VML) component (VGX.DLL), as used in Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code via compressed content with an invalid buffer siz
07-03-2011 - 21:52 14-08-2007 - 18:17
CVE-2007-1583 6.8
The mb_parse_str function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 sets the internal register_globals flag and does not disable it in certain cases when a script terminates, which allows remote attackers to invoke available PHP scripts with
07-03-2011 - 21:52 21-03-2007 - 19:19
CVE-2007-1380 5.0
The php_binary serialization handler in the session extension in PHP before 4.4.5, and 5.x before 5.2.1, allows context-dependent attackers to obtain sensitive information (memory contents) via a serialized variable entry with a large length value, w
07-03-2011 - 21:52 09-03-2007 - 19:19
CVE-2007-1353 2.1
The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function
07-03-2011 - 21:51 24-04-2007 - 12:19
CVE-2007-1308 4.3
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer d
07-03-2011 - 21:51 06-03-2007 - 19:19
CVE-2007-1282 9.3
Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long lin
07-03-2011 - 21:51 05-03-2007 - 21:19
CVE-2007-1263 5.0
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a mes
07-03-2011 - 21:51 06-03-2007 - 15:19
CVE-2007-1218 6.8
Off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame. NOTE: this was originally re
07-03-2011 - 21:51 02-03-2007 - 16:18
CVE-2007-1216 8.5
Double free vulnerability in the GSS-API library (lib/gssapi/krb5/k5unseal.c), as used by the Kerberos administration daemon (kadmind) in MIT krb5 before 1.6.1, when used with the authentication method provided by the RPCSEC_GSS RPC library, allows r
07-03-2011 - 21:51 05-04-2007 - 21:19
CVE-2007-1003 9.0
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before 20070403, allows remote authenticated users to execute arbitrary code via a large
07-03-2011 - 21:51 05-04-2007 - 21:19
CVE-2007-0996 5.8
The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated us
07-03-2011 - 21:51 26-02-2007 - 21:28
CVE-2007-0995 4.3
Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 ignores trailing invalid HTML characters in attribute names, which allows remote attackers to bypass content filters that use regular expressions.
07-03-2011 - 21:51 26-02-2007 - 14:28
CVE-2007-0957 9.0
Stack-based buffer overflow in the krb5_klog_syslog function in the kadm5 library, as used by the Kerberos administration daemon (kadmind) and Key Distribution Center (KDC), in MIT krb5 before 1.6.1 allows remote authenticated users to execute arbitr
07-03-2011 - 21:51 05-04-2007 - 21:19
CVE-2007-0956 7.6
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass authentication and gain system access via a username beginning with a '-' character, a similar issue to CVE-2007-0882.
07-03-2011 - 21:51 05-04-2007 - 21:19
CVE-2007-0940 9.3
Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, a
07-03-2011 - 21:51 08-05-2007 - 19:19
CVE-2007-0909 7.5
Multiple format string vulnerabilities in PHP before 5.2.1 might allow attackers to execute arbitrary code via format string specifiers to (1) all of the *print functions on 64-bit systems, and (2) the odbc_result_all function.
07-03-2011 - 21:50 13-02-2007 - 18:28
CVE-2007-0907 5.0
Buffer underflow in PHP before 5.2.1 allows attackers to cause a denial of service via unspecified vectors involving the sapi_header_op function.
07-03-2011 - 21:50 13-02-2007 - 18:28
CVE-2007-0800 4.3
Cross-zone vulnerability in Mozilla Firefox 1.5.0.9 considers blocked popups to have an internal zone origin, which allows user-assisted remote attackers to cross zone restrictions and read arbitrary file:// URIs by convincing a user to show a blocke
07-03-2011 - 21:50 07-02-2007 - 06:28
CVE-2007-0780 6.8
browser.js in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 uses the requesting URI to identify child windows, which allows remote attackers to conduct cross-site scripting (XSS) attacks by opening a blocked
07-03-2011 - 21:50 26-02-2007 - 15:28
CVE-2007-0779 6.4
GUI overlay vulnerability in Mozilla Firefox 1.5.x before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 allows remote attackers to spoof certain user interface elements, such as the host name or security indicators, via the CSS3 hotspot
07-03-2011 - 21:50 26-02-2007 - 15:28
CVE-2007-0778 5.4
The page cache feature in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 can generate hash collisions that cause page data to be appended to the wrong page cache, which allows remote attackers to obtain sensitive i
07-03-2011 - 21:50 26-02-2007 - 15:28
CVE-2007-0777 9.3
The JavaScript engine in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, Thunderbird before 1.5.0.10, and SeaMonkey before 1.0.8 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vect
07-03-2011 - 21:50 26-02-2007 - 14:28
CVE-2007-0555 8.5
PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a den
07-03-2011 - 21:50 05-02-2007 - 20:28
CVE-2007-0457 4.3
Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
07-03-2011 - 21:49 02-02-2007 - 15:28
CVE-2007-0455 7.5
Buffer overflow in the gdImageStringFTEx function in gdft.c in GD Graphics Library 2.0.33 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted string with a JIS encoded
07-03-2011 - 21:49 30-01-2007 - 12:28
CVE-2007-0452 6.8
smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service (memory and CPU exhaustion) by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infi
07-03-2011 - 21:49 05-02-2007 - 21:28
CVE-2007-0239 9.3
OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document.
07-03-2011 - 21:49 21-03-2007 - 15:19
CVE-2006-7228 6.8
Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 might allow context-dependent attackers to execute arbitrary code via a regular expression that involves large (1) min, (2) max, or (3) duplength values that cause an in
07-03-2011 - 21:48 14-11-2007 - 16:46
CVE-2006-7203 4.0
The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs").
07-03-2011 - 21:48 14-05-2007 - 13:19
CVE-2006-6505 6.8
Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via (1) external message modies with long Content-Type headers or (2) long RFC2047-encoded (MIME no
07-03-2011 - 21:46 19-12-2006 - 20:28
CVE-2006-6077 5.0
The (1) Password Manager in Mozilla Firefox 2.0, and 1.5.0.8 and earlier; and the (2) Passcard Manager in Netscape 8.1.2 and possibly other versions, do not properly verify that an ACTION URL in a FORM element containing a password INPUT element matc
07-03-2011 - 21:45 24-11-2006 - 12:07
CVE-2006-5540 4.0
backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index opt
07-03-2011 - 21:43 26-10-2006 - 13:07
CVE-2006-4484 2.6
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overfl
07-03-2011 - 21:41 31-08-2006 - 17:04
CVE-2006-4333 5.4
The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory.
07-03-2011 - 21:40 24-08-2006 - 16:04
CVE-2006-4031 2.1
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy.
07-03-2011 - 21:40 09-08-2006 - 18:04
CVE-2006-3404 5.1
Buffer overflow in the xcf_load_vector function in app/xcf/xcf-load.c for gimp before 2.2.12 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XCF file with a large num_axes value in the VE
07-03-2011 - 21:38 06-07-2006 - 16:05
CVE-2006-2787 9.3
EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.
07-03-2011 - 21:37 02-06-2006 - 16:02
CVE-2006-1742 5.0
The JavaScript engine in Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 does not properly handle temporary variables that are not garbage collected, which might allow remot
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-1735 9.3
Mozilla Firefox and Thunderbird 1.x before 1.5 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0 allows remote attackers to execute arbitrary code by using an eval in an XBL method binding (XBL.method.eval) to create Javas
07-03-2011 - 21:33 14-04-2006 - 06:02
CVE-2006-0903 4.6
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query f
07-03-2011 - 21:31 27-02-2006 - 18:02
CVE-2006-0296 5.0
The XULDocument.persist function in Mozilla, Firefox before 1.5.0.1, and SeaMonkey before 1.0 does not validate the attribute name, which allows remote attackers to execute arbitrary Javascript by injecting RDF data into the user's localstore.rdf fil
07-03-2011 - 21:29 02-02-2006 - 15:06
CVE-2006-0049 5.0
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report
07-03-2011 - 21:29 13-03-2006 - 16:06
CVE-2005-3350 7.5
libungif library before 4.1.0 allows attackers to corrupt memory and possibly execute arbitrary code via a crafted GIF file that leads to an out-of-bounds write.
07-03-2011 - 21:26 03-11-2005 - 19:02
CVE-2005-2974 2.6
libungif library before 4.1.0 allows attackers to cause a denial of service via a crafted GIF file that triggers a null dereference.
07-03-2011 - 21:25 03-11-2005 - 19:02
CVE-2005-2973 2.1
The udp_v6_get_port function in udp.c in Linux 2.6 before 2.6.14-rc5, when running IPv6, allows local users to cause a denial of service (infinite loop and crash).
07-03-2011 - 21:25 27-10-2005 - 14:02
CVE-2005-2267 7.5
Firefox before 1.0.5 allows remote attackers to steal information and possibly execute arbitrary code by using standalone applications such as Flash and QuickTime to open a javascript: URL, which is run in the context of the previous page, and may le
07-03-2011 - 21:24 13-07-2005 - 00:00
CVE-2005-2261 7.5
Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, Netscape 8.0.2, and K-Meleon 0.9 runs XBL scripts even when Javascript has been disabled, which makes it easier for remote attackers to bypass such protection.
07-03-2011 - 21:23 13-07-2005 - 00:00
CVE-2005-2097 2.1
xpdf and kpdf do not properly validate the "loca" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a "broken" loca table, which causes a large temporary file to be created when
07-03-2011 - 21:23 16-08-2005 - 00:00
CVE-2005-1767 2.1
traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).
07-03-2011 - 21:22 05-08-2005 - 00:00
CVE-2005-0488 5.0
Certain BSD-based Telnet clients, including those used on Solaris and SuSE Linux, allow remote malicious Telnet servers to read sensitive environment variables via the NEW-ENVIRON option with a SEND ENV_USERVAR command.
07-03-2011 - 21:20 14-06-2005 - 00:00
CVE-2004-2541 6.9
Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target.
07-03-2011 - 21:19 31-12-2004 - 00:00
CVE-2004-0813 2.1
Unknown vulnerability in the SG_IO functionality in ide-cd allows local users to bypass read-only access and perform unauthorized write and erase operations.
07-03-2011 - 21:16 31-12-2004 - 00:00
CVE-2004-0175 4.3
Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.
07-03-2011 - 21:15 18-08-2004 - 00:00
CVE-2008-3655 7.5
Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended
07-03-2011 - 00:00 12-08-2008 - 21:41
CVE-2008-2725 7.8
Integer overflow in the (1) rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22; and (2) the rb_ary_replace function in 1.6.x allows context-dependent attackers to trigger mem
07-03-2011 - 00:00 24-06-2008 - 15:41
CVE-2008-0960 10.0
SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Dat
07-03-2011 - 00:00 10-06-2008 - 14:32
CVE-2008-0419 9.3
Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize
07-03-2011 - 00:00 08-02-2008 - 17:00
CVE-2008-0320 9.3
Heap-based buffer overflow in the OLE importer in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an OLE file with a crafted DocumentSummaryInformation stream.
07-03-2011 - 00:00 17-04-2008 - 15:05
CVE-2008-0072 6.8
Format string vulnerability in the emf_multipart_encrypted function in mail/em-format.c in Evolution 2.12.3 and earlier allows remote attackers to execute arbitrary code via a crafted encrypted message, as demonstrated using the Version field.
07-03-2011 - 00:00 05-03-2008 - 19:44
CVE-2008-0063 4.3
The Kerberos 4 support in KDC in MIT Kerberos 5 (krb5kdc) does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."
07-03-2011 - 00:00 19-03-2008 - 06:44
CVE-2008-0003 10.0
Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus), when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, might allow remote attackers to execute a
07-03-2011 - 00:00 08-01-2008 - 15:46
CVE-2007-6352 6.8
Integer overflow in libexif 0.6.16 and earlier allows context-dependent attackers to execute arbitrary code via an image with crafted EXIF tags, possibly involving the exif_data_load_data_thumbnail function in exif-data.c.
07-03-2011 - 00:00 19-12-2007 - 21:46
CVE-2007-6239 5.0
The "cache update reply processing" functionality in Squid 2.x before 2.6.STABLE17 and Squid 3.0 allows remote attackers to cause a denial of service (crash) via unknown vectors related to HTTP headers and an Array memory leak during requests for cac
07-03-2011 - 00:00 04-12-2007 - 13:46
CVE-2007-5960 4.3
Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 sets the Referer header to the window or frame in which script is running, instead of the address of the content that initiated the script, which allows remote attackers to spoof HTTP Referer
07-03-2011 - 00:00 26-11-2007 - 18:46
CVE-2007-5746 6.8
Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow.
07-03-2011 - 00:00 17-04-2008 - 15:05
CVE-2007-5707 7.1
OpenLDAP before 2.3.39 allows remote attackers to cause a denial of service (slapd crash) via an LDAP request with a malformed objectClasses attribute. NOTE: this has been reported as a double free, but the reports are inconsistent.
07-03-2011 - 00:00 30-10-2007 - 15:46
CVE-2007-5392 9.3
Integer overflow in the DCTStream::reset method in xpdf/Stream.cc in Xpdf 3.02p11 allows remote attackers to execute arbitrary code via a crafted PDF file, resulting in a heap-based buffer overflow.
07-03-2011 - 00:00 07-11-2007 - 21:46
CVE-2007-5338 9.3
Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome
07-03-2011 - 00:00 21-10-2007 - 16:17
CVE-2007-5191 6.9
mount and umount in util-linux and loop-aes-utils call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.
07-03-2011 - 00:00 04-10-2007 - 12:17
CVE-2007-3999 10.0
Stack-based buffer overflow in the svcauth_gss_validate function in lib/rpc/svc_auth_gss.c in the RPCSEC_GSS RPC library (librpcsecgss) in MIT Kerberos 5 (krb5) 1.4 through 1.6.2, as used by the Kerberos administration daemon (kadmind) and some third
07-03-2011 - 00:00 05-09-2007 - 06:17
CVE-2007-3798 6.8
Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote attackers to execute arbitrary code via crafted TLVs in a BGP packet, related to an unchecked return value.
07-03-2011 - 00:00 16-07-2007 - 18:30
CVE-2007-3387 6.8
Integer overflow in the StreamPredictor::StreamPredictor function in xpdf 3.02, as used in (1) poppler before 0.5.91, (2) gpdf before 2.8.2, (3) kpdf, (4) kdegraphics, (5) CUPS, (6) PDFedit, and other products, might allow remote attackers to execute
07-03-2011 - 00:00 30-07-2007 - 19:17
CVE-2007-1564 6.8
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
07-03-2011 - 00:00 21-03-2007 - 15:19
CVE-2007-1562 6.8
The FTP protocol implementation in Mozilla Firefox before 1.5.0.11 and 2.x before 2.0.0.3 allows remote attackers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate
07-03-2011 - 00:00 21-03-2007 - 15:19
CVE-2007-0981 7.5
Mozilla based browsers, including Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8, allow remote attackers to bypass the same origin policy, steal cookies, and conduct other attacks by writing a URI with a null byte to the h
07-03-2011 - 00:00 15-02-2007 - 20:28
CVE-2009-1690 9.3
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary c
24-02-2011 - 00:00 10-06-2009 - 10:30
CVE-2009-1687 9.3
The JavaScript garbage collector in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle allocation failures, which allows remote attackers to execute arbitrary code o
17-02-2011 - 01:43 10-06-2009 - 10:30
CVE-2009-2666 6.4
socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted cert
15-02-2011 - 00:00 07-08-2009 - 15:00
CVE-2010-0179 5.1
Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the XMLHttpRequestSpy object and chrome privileged objects
19-01-2011 - 01:54 05-04-2010 - 13:30
CVE-2007-3475 4.3
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.
19-01-2011 - 01:16 28-06-2007 - 14:30
CVE-2009-4030 4.4
MySQL 5.1.x before 5.1.41 allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are originally associated with pathnames without symlinks
14-01-2011 - 01:37 30-11-2009 - 12:30
CVE-2009-2964 6.8
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences
14-01-2011 - 01:35 25-08-2009 - 13:30
CVE-2008-4116 9.3
Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 o
06-01-2011 - 00:00 18-09-2008 - 11:04
CVE-2009-0146 4.3
Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2SymbolDict::setBitmap and (
21-12-2010 - 00:00 23-04-2009 - 13:30
CVE-2009-0147 4.3
Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allow remote attackers to cause a denial of service (crash) via a crafted PDF file, related to (1) JBIG2Stream::readSymbolDictSeg,
16-12-2010 - 00:00 23-04-2009 - 13:30
CVE-2009-2560 5.0
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP diss
01-12-2010 - 00:00 21-07-2009 - 13:30
CVE-2007-1285 5.0
The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.
30-11-2010 - 01:01 06-03-2007 - 15:19
CVE-2007-1217 6.9
Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a denial of service (crash) and possibly gain privileges via a crafted CAPI packet.
30-11-2010 - 01:01 02-03-2007 - 16:18
CVE-2009-0784 6.9
Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.
30-11-2010 - 00:00 25-03-2009 - 19:30
CVE-2008-1887 9.3
Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when asse
30-11-2010 - 00:00 18-04-2008 - 13:05
CVE-2009-2474 6.8
neon before 0.28.6, when OpenSSL or GnuTLS is used, does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers vi
18-11-2010 - 01:29 21-08-2009 - 13:30
CVE-2009-0946 10.0
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
18-11-2010 - 01:26 16-04-2009 - 20:30
CVE-2007-0958 2.1
Linux kernel 2.6.x before 2.6.20 allows local users to read unreadable binaries by using the interpreter (PT_INTERP) functionality and triggering a core dump, a variant of CVE-2004-1073.
15-09-2010 - 01:44 15-02-2007 - 13:28
CVE-2007-0006 1.9
The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinloc
15-09-2010 - 00:00 06-02-2007 - 14:28
CVE-2010-0733 3.5
Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related
09-09-2010 - 01:40 19-03-2010 - 15:30
CVE-2009-2663 9.3
libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg
09-09-2010 - 01:33 04-08-2009 - 12:30
CVE-2009-2285 4.3
Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.
24-08-2010 - 01:37 01-07-2009 - 09:00
CVE-2010-1264 4.0
Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 SP1 and SP2 allows remote attackers to cause a denial of service (hang) via crafted requests to the Help page that cause repeated restarts of the application pool, aka "Sharepoint
21-08-2010 - 01:40 08-06-2010 - 16:30
CVE-2010-0817 4.3
Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 12.0.0.6421 and possibly earlier, and SharePoint Services 3.0 SP1 and SP2, versions, allows remote attackers to inject arbitrary web script or HTML via
21-08-2010 - 01:40 29-04-2010 - 17:30
CVE-2010-0442 6.5
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in th
21-08-2010 - 01:39 02-02-2010 - 13:30
CVE-2010-0436 6.9
Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows local users to change the permissions of arbitrary files, and consequently gain privileges, by blocking the removal of a certain directory that contai
21-08-2010 - 01:39 15-04-2010 - 13:30
CVE-2010-0421 4.3
Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc in Pango before 1.27.1 allows context-dependent attackers to cause a denial of service (application crash) via a crafted font file, related to buildi
21-08-2010 - 01:39 18-03-2010 - 13:30
CVE-2010-0411 4.9
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large
21-08-2010 - 01:39 08-02-2010 - 15:30
CVE-2010-0304 7.5
Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the
21-08-2010 - 01:39 03-02-2010 - 13:30
CVE-2010-0261 9.3
Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet in which "a
21-08-2010 - 01:39 10-03-2010 - 17:30
CVE-2010-0176 9.3
Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to
21-08-2010 - 01:39 05-04-2010 - 13:30
CVE-2010-0175 9.3
Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of se
21-08-2010 - 01:39 05-04-2010 - 13:30
CVE-2010-0174 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory
21-08-2010 - 01:39 05-04-2010 - 13:30
CVE-2010-0171 4.3
Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allow remote attackers to perform cross-origin keystroke capture, and possibly conduct cross-site scripting (XSS) at
21-08-2010 - 01:39 25-03-2010 - 17:00
CVE-2010-0169 5.0
The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 changes the case of certain strings i
21-08-2010 - 01:38 25-03-2010 - 17:00
CVE-2010-0167 9.3
The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before 3.0.2; and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash)
21-08-2010 - 01:38 25-03-2010 - 17:00
CVE-2010-0162 4.3
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly support the application/octet-stream content type as a protection mechanism against execution of web script in certain circumstances involving S
21-08-2010 - 01:38 22-02-2010 - 08:00
CVE-2010-0159 10.0
The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute
21-08-2010 - 01:38 22-02-2010 - 08:00
CVE-2009-4377 4.3
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.
21-08-2010 - 01:37 21-12-2009 - 16:30
CVE-2009-3988 5.0
Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not properly restrict read access to object properties in showModalDialog, which allows remote attackers to bypass the Same Origin Policy and conduct cross-s
21-08-2010 - 01:36 22-02-2010 - 08:00
CVE-2009-3986 7.6
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to execute arbitrary JavaScript with chrome privileges by leveraging a reference to a chrome window from a content window, related to the window
21-08-2010 - 01:36 17-12-2009 - 12:30
CVE-2009-3985 6.8
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to associate spoofed content with an invalid URL by setting document.location to this URL, and then writing arbitrary web script or HTML to the
21-08-2010 - 01:36 17-12-2009 - 12:30
CVE-2009-3984 6.8
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to spoof an SSL indicator for an http URL or a file URL by setting document.location to an https URL corresponding to a site that responds with
21-08-2010 - 01:36 17-12-2009 - 12:30
CVE-2009-3983 6.8
Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, allows remote attackers to send authenticated requests to arbitrary applications by replaying the NTLM credentials of a browser user.
21-08-2010 - 01:36 17-12-2009 - 12:30
CVE-2009-3981 9.3
Unspecified vulnerability in the browser engine in Mozilla Firefox before 3.0.16, SeaMonkey before 2.0.1, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary cod
21-08-2010 - 01:36 17-12-2009 - 12:30
CVE-2009-3979 9.3
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash)
21-08-2010 - 01:36 17-12-2009 - 12:30
CVE-2009-3829 9.3
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
21-08-2010 - 01:36 30-10-2009 - 16:30
CVE-2009-3550 4.3
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of
21-08-2010 - 01:36 30-10-2009 - 16:30
CVE-2009-3382 10.0
layout/base/nsCSSFrameConstructor.cpp in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 does not properly handle first-letter frames, which allows remote attackers to cause a denial of service (memory corruption and application crash) or p
21-08-2010 - 01:35 29-10-2009 - 10:30
CVE-2009-3380 10.0
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code
21-08-2010 - 01:35 29-10-2009 - 10:30
CVE-2009-3379 10.0
Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overla
21-08-2010 - 01:35 29-10-2009 - 10:30
CVE-2009-3376 9.3
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, does not properly handle a right-to-left override (aka RLO or U+202E) Unicode character in a download filename, which allows remote attackers to spoof file extensions via
21-08-2010 - 01:35 29-10-2009 - 10:30
CVE-2009-3374 7.5
The XPCVariant::VariantDataToJS function in the XPCOM implementation in Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4 does not enforce intended restrictions on interaction between chrome privileged code and objects obtained from remote w
21-08-2010 - 01:35 29-10-2009 - 10:30
CVE-2009-3373 10.0
Heap-based buffer overflow in the GIF image parser in Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via unspecified vectors.
21-08-2010 - 01:35 29-10-2009 - 10:30
CVE-2009-3372 9.3
Mozilla Firefox before 3.0.15 and 3.5.x before 3.5.4, and SeaMonkey before 2.0, allows remote attackers to execute arbitrary code via a crafted regular expression in a Proxy Auto-configuration (PAC) file.
21-08-2010 - 01:35 29-10-2009 - 10:30
CVE-2009-3274 4.4
Mozilla Firefox 3.6a1, 3.5.3, 3.5.2, and earlier 3.5.x versions, and 3.0.14 and earlier 2.x and 3.x versions, on Linux uses a predictable /tmp pathname for files selected from the Downloads window, which allows local users to replace an arbitrary dow
21-08-2010 - 01:35 21-09-2009 - 15:30
CVE-2009-3267 5.0
Microsoft Internet Explorer 6 through 6.0.2900.2180, and 7.0.6000.16711, allows remote attackers to cause a denial of service (CPU consumption) via an automatically submitted form containing a KEYGEN element, a related issue to CVE-2009-1828.
21-08-2010 - 01:35 18-09-2009 - 18:30
CVE-2009-3085 5.0
The XMPP protocol plugin in libpurple in Pidgin before 2.6.2 does not properly handle an error IQ stanza during an attempted fetch of a custom smiley, which allows remote attackers to cause a denial of service (application crash) via XHTML-IM content
21-08-2010 - 01:35 08-09-2009 - 14:30
CVE-2009-3083 5.0
The msn_slp_sip_recv function in libpurple/protocols/msn/slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an SLP invite mess
21-08-2010 - 01:35 08-09-2009 - 14:30
CVE-2009-2948 1.9
mount.cifs in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8 and 3.4 before 3.4.2, when mount.cifs is installed suid root, does not properly enforce permissions, which allows local users to read part of the credentials file and obtain t
21-08-2010 - 01:34 07-10-2009 - 14:30
CVE-2009-2906 4.0
smbd in Samba 3.0 before 3.0.37, 3.2 before 3.2.15, 3.3 before 3.3.8, and 3.4 before 3.4.2 allows remote authenticated users to cause a denial of service (infinite loop) via an unanticipated oplock break notification reply packet.
21-08-2010 - 01:34 07-10-2009 - 14:30
CVE-2009-2703 5.0
libpurple/protocols/irc/msgs.c in the IRC protocol plugin in libpurple in Pidgin before 2.6.2 allows remote IRC servers to cause a denial of service (NULL pointer dereference and application crash) via a TOPIC message that lacks a topic string.
21-08-2010 - 01:34 08-09-2009 - 14:30
CVE-2009-2664 5.0
The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted
21-08-2010 - 01:34 04-08-2009 - 12:30
CVE-2009-2472 4.3
Mozilla Firefox before 3.0.12 does not always use XPCCrossOriginWrapper when required during object construction, which allows remote attackers to bypass the Same Origin Policy and conduct cross-site scripting (XSS) attacks via a crafted document, re
21-08-2010 - 01:33 22-07-2009 - 14:30
CVE-2009-2471 10.0
The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.
21-08-2010 - 01:33 22-07-2009 - 14:30
CVE-2009-2470 5.0
Mozilla Firefox before 3.0.12, and 3.5.x before 3.5.2, allows remote SOCKS5 proxy servers to cause a denial of service (data stream corruption) via a long domain name in a reply.
21-08-2010 - 01:33 04-08-2009 - 12:30
CVE-2009-2469 10.0
Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an __defineSetter__ function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or
21-08-2010 - 01:33 22-07-2009 - 14:30
CVE-2009-2467 10.0
Mozilla Firefox before 3.0.12 and 3.5 before 3.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors involving a Flash object, a slow script dialog, and the unloading of the Flash
21-08-2010 - 01:33 22-07-2009 - 14:30
CVE-2009-2466 10.0
The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2
21-08-2010 - 01:33 22-07-2009 - 14:30
CVE-2009-2465 10.0
Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cp
21-08-2010 - 01:33 22-07-2009 - 14:30
CVE-2009-2464 10.0
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arb
21-08-2010 - 01:33 22-07-2009 - 14:30
CVE-2009-2463 10.0
Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a deni
21-08-2010 - 01:33 22-07-2009 - 14:30
CVE-2009-2462 10.0
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synch
21-08-2010 - 01:33 22-07-2009 - 14:30
CVE-2009-2412 10.0
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code
21-08-2010 - 01:33 06-08-2009 - 11:30
CVE-2009-2411 8.5
Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger
21-08-2010 - 01:33 07-08-2009 - 15:30
CVE-2009-2210 9.3
Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that
21-08-2010 - 01:33 25-06-2009 - 13:30
CVE-2009-1904 5.0
The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversio
21-08-2010 - 01:32 11-06-2009 - 17:30
CVE-2009-1893 6.9
The configtest function in the Red Hat dhcpd init script for DHCP 3.0.1 in Red Hat Enterprise Linux (RHEL) 3 allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file, related to the "dhcpd -t" command.
21-08-2010 - 01:32 17-07-2009 - 12:30
CVE-2009-1888 5.8
The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vecto
21-08-2010 - 01:32 24-06-2009 - 21:30
CVE-2009-1841 9.3
js/src/xpconnect/src/xpcwrappedjsclass.cpp in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to execute arbitrary web script with the privileges of a chrome object, as demonstrated by t
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1840 9.3
Mozilla Firefox before 3.0.11, Thunderbird, and SeaMonkey do not check content policy before loading a script file into a XUL document, which allows remote attackers to bypass intended access restrictions via a crafted HTML document, as demonstrated
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1839 5.4
Mozilla Firefox 3 before 3.0.11 associates an incorrect principal with a file: URL loaded through the location bar, which allows user-assisted remote attackers to bypass intended access restrictions and read files via a crafted HTML document, aka a "
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1838 9.3
The garbage-collection implementation in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 sets an element's owner document to null in unspecified circumstances, which allows remote attackers to execute arbitrary
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1837 9.3
Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading,
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1836 6.8
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 use the HTTP Host header to determine the context of a document provided in a non-200 CONNECT response from a proxy server, which allows man-in-the-middle attacke
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1835 4.3
Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 associate local documents with external domain names located after the file:// substring in a URL, which allows user-assisted remote attackers to read arbitrary cookies via a crafted HTML docu
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1834 4.3
Visual truncation vulnerability in netwerk/dns/src/nsIDNService.cpp in Mozilla Firefox before 3.0.11 and SeaMonkey before 1.1.17 allows remote attackers to spoof the location bar via an IDN with invalid Unicode characters that are displayed as whites
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1833 9.3
The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vec
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1832 9.3
Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors involving "double fra
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1829 5.0
Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets.
21-08-2010 - 01:32 29-05-2009 - 18:30
CVE-2009-1758 5.0
The hypervisor_callback function in Xen, possibly before 3.4.0, as applied to the Linux kernel 2.6.30-rc4, 2.6.18, and probably other versions allows guest user applications to cause a denial of service (kernel oops) of the guest OS by triggering a s
21-08-2010 - 01:32 22-05-2009 - 07:52
CVE-2009-1581 4.3
functions/mime.php in SquirrelMail before 1.4.18 does not protect the application's content from Cascading Style Sheets (CSS) positioning in HTML e-mail messages, which allows remote attackers to spoof the user interface, and conduct cross-site scrip
21-08-2010 - 01:32 14-05-2009 - 13:30
CVE-2009-1579 6.8
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
21-08-2010 - 01:32 14-05-2009 - 13:30
CVE-2009-1578 4.3
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to c
21-08-2010 - 01:32 14-05-2009 - 13:30
CVE-2009-1571 10.0
Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to execute arbitrary code via unspecified method calls that at
21-08-2010 - 01:32 22-02-2010 - 08:00
CVE-2009-1392 9.3
The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vect
21-08-2010 - 01:32 12-06-2009 - 17:30
CVE-2009-1375 5.0
The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1)
21-08-2010 - 01:31 26-05-2009 - 11:30
CVE-2009-1313 9.3
The nsTextFrame::ClearTextRun function in layout/generic/nsTextFrameThebes.cpp in Mozilla Firefox 3.0.9 allows remote attackers to cause a denial of service (memory corruption) and probably execute arbitrary code via unspecified vectors. NOTE: this
21-08-2010 - 01:31 30-04-2009 - 17:30
CVE-2009-1312 4.3
Mozilla Firefox before 3.0.9 and SeaMonkey 1.1.17 do not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or
21-08-2010 - 01:31 22-04-2009 - 14:30
CVE-2009-1311 4.3
Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during
21-08-2010 - 01:31 22-04-2009 - 14:30
CVE-2009-1309 4.3
Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey do not properly implement the Same Origin Policy for (1) XMLHttpRequest, involving a mismatch for a document's principal, and (2) XPCNativeWrapper.toString, involving an incorrect __proto__ sco
21-08-2010 - 01:31 22-04-2009 - 14:30
CVE-2009-1308 4.3
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey allows remote attackers to inject arbitrary web script or HTML via vectors involving XBL JavaScript bindings and remote stylesheets, as exploited in
21-08-2010 - 01:31 22-04-2009 - 14:30
CVE-2009-1307 6.8
The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to (1) bypass crossdomain.xml restrictions and connect to arbitrary web
21-08-2010 - 01:31 22-04-2009 - 14:30
CVE-2009-1306 4.3
The jar: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not follow the Content-Disposition header of the inner URI, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly other at
21-08-2010 - 01:31 22-04-2009 - 14:30
CVE-2009-1305 5.0
The JavaScript engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving JSOP
21-08-2010 - 01:31 22-04-2009 - 14:30
CVE-2009-1304 5.0
The JavaScript engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors involving
21-08-2010 - 01:31 22-04-2009 - 14:30
CVE-2009-1303 5.0
The browser engine in Mozilla Firefox before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to nsSVGE
21-08-2010 - 01:31 22-04-2009 - 14:30
CVE-2009-1302 5.0
The browser engine in Mozilla Firefox 3.x before 3.0.9, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (application crash) and possibly trigger memory corruption via vectors related to (1
21-08-2010 - 01:31 22-04-2009 - 14:30
CVE-2009-1269 5.0
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
21-08-2010 - 01:31 13-04-2009 - 12:30
CVE-2009-1268 4.3
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
21-08-2010 - 01:31 13-04-2009 - 12:30
CVE-2009-1252 6.8
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing a
21-08-2010 - 01:31 19-05-2009 - 15:30
CVE-2009-1194 6.8
Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string th
21-08-2010 - 01:31 11-05-2009 - 11:30
CVE-2009-0949 5.0
The ippReadIO function in cups/ipp.c in cupsd in CUPS before 1.3.10 does not properly initialize memory for IPP request packets, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a scheduler re
21-08-2010 - 01:31 09-06-2009 - 13:30
CVE-2009-0798 5.0
ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.
21-08-2010 - 01:30 24-04-2009 - 11:30
CVE-2009-0791 6.8
Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute a
21-08-2010 - 01:30 09-06-2009 - 13:30
CVE-2009-0776 7.1
nsIRDFService in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to bypass the same-origin policy and read XML data from another domain via a cross-domain redirect.
21-08-2010 - 01:30 04-03-2009 - 21:30
CVE-2009-0775 10.0
Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not
21-08-2010 - 01:30 04-03-2009 - 21:30
CVE-2009-0774 9.3
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different v
21-08-2010 - 01:30 04-03-2009 - 21:30
CVE-2009-0773 10.0
The JavaScript engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a splice of an array that contains "some
21-08-2010 - 01:30 04-03-2009 - 21:30
CVE-2009-0772 9.3
The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to nsCSSStyleSheet::GetO
21-08-2010 - 01:30 04-03-2009 - 21:30
CVE-2009-0771 10.0
The layout engine in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain vectors that trigger memory corruption a
21-08-2010 - 01:30 04-03-2009 - 21:30
CVE-2009-0754 2.1
PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within .htaccess, which causes this setting to be applied
21-08-2010 - 01:30 03-03-2009 - 11:30
CVE-2009-0692 10.0
Stack-based buffer overflow in the script_write_params method in client/dhclient.c in ISC DHCP dhclient 4.1 before 4.1.0p1, 4.0 before 4.0.1p1, 3.1 before 3.1.2p1, 3.0, and 2.0 allows remote DHCP servers to execute arbitrary code via a crafted subnet
21-08-2010 - 01:30 14-07-2009 - 16:30
CVE-2009-0642 6.8
ext/openssl/ossl_ocsp.c in Ruby 1.8 and 1.9 does not properly check the return value from the OCSP_basic_verify function, which might allow remote attackers to successfully present an invalid X.509 certificate, possibly involving a revoked certificat
21-08-2010 - 01:30 20-02-2009 - 01:47
CVE-2009-0585 7.5
Integer overflow in the soup_base64_encode function in soup-misc.c in libsoup 2.x.x before 2.2.x, and 2.x before 2.24, allows context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation.
21-08-2010 - 01:30 14-03-2009 - 14:30
CVE-2009-0584 9.3
icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (applic
21-08-2010 - 01:30 23-03-2009 - 16:00
CVE-2009-0583 9.3
Multiple integer overflows in icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allow context-dependent attackers to caus
21-08-2010 - 01:30 23-03-2009 - 16:00
CVE-2009-0365 4.6
nm-applet.conf in GNOME NetworkManager before 0.7.0.99 contains an incorrect deny setting, which allows local users to discover (1) network connection passwords and (2) pre-shared keys via calls to the GetSecrets method in the dbus request handler.
21-08-2010 - 01:30 04-03-2009 - 21:30
CVE-2009-0195 6.8
Heap-based buffer overflow in Xpdf 3.02pl2 and earlier, CUPS 1.3.9, and probably other products, allows remote attackers to execute arbitrary code via a PDF file with crafted JBIG2 symbol dictionary segments.
21-08-2010 - 01:29 23-04-2009 - 13:30
CVE-2009-0037 6.8
The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or o
21-08-2010 - 01:29 04-03-2009 - 21:30
CVE-2009-0030 6.5
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the stand
21-08-2010 - 01:29 21-01-2009 - 15:30
CVE-2008-7224 7.8
Buffer overflow in entity_cache in ELinks before 0.11.4rc0 allows remote attackers to cause a denial of service (crash) via a crafted link.
21-08-2010 - 01:29 14-09-2009 - 10:30
CVE-2008-6472 4.3
The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors.
21-08-2010 - 01:28 14-03-2009 - 14:30
CVE-2008-6123 5.0
The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restric
21-08-2010 - 01:27 12-02-2009 - 11:30
CVE-2008-5513 4.3
Unspecified vulnerability in the session-restore feature in Mozilla Firefox 3.x before 3.0.5 and 2.x before 2.0.0.19 allows remote attackers to bypass the same origin policy, inject content into documents associated with other domains, and conduct cr
21-08-2010 - 01:26 17-12-2008 - 18:30
CVE-2008-5505 5.0
Mozilla Firefox 3.x before 3.0.5 allows remote attackers to bypass intended privacy restrictions by using the persist attribute in an XUL element to create and access data entities that are similar to cookies.
21-08-2010 - 01:26 17-12-2008 - 18:30
CVE-2008-5502 5.0
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service (crash) via vectors that trigger memory corruption, related to the GetXMLEnti
21-08-2010 - 01:26 17-12-2008 - 18:30
CVE-2008-5501 5.0
The layout engine in Mozilla Firefox 3.x before 3.0.5, Thunderbird 2.x before 2.0.0.19, and SeaMonkey 1.x before 1.1.14 allows remote attackers to cause a denial of service via vectors that trigger an assertion failure.
21-08-2010 - 01:26 17-12-2008 - 18:30
CVE-2008-5498 5.0
Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an inde
21-08-2010 - 01:26 26-12-2008 - 15:30
CVE-2008-5078 6.8
Multiple buffer overflows in the (1) recognize_eps_file function (src/psgen.c) and (2) tilde_subst function (src/util.c) in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence w
21-08-2010 - 01:25 19-12-2008 - 12:30
CVE-2008-4770 10.0
The CMsgReader::readRect function in the VNC Viewer component in RealVNC VNC Free Edition 4.0 through 4.1.2, Enterprise Edition E4.0 through E4.4.2, and Personal Edition P4.0 through P4.4.2 allows remote VNC servers to execute arbitrary code via craf
21-08-2010 - 01:25 16-01-2009 - 16:30
CVE-2008-4690 10.0
lynx 2.8.6dev.15 and earlier, when advanced mode is enabled and lynx is configured as a URL handler, allows remote attackers to execute arbitrary commands via a crafted lynxcgi: URL, a related issue to CVE-2005-2929. NOTE: this might only be a vulne
21-08-2010 - 01:25 22-10-2008 - 14:00
CVE-2008-3663 5.0
Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
21-08-2010 - 01:23 24-09-2008 - 10:56
CVE-2008-3443 5.0
The regular expression engine (regex.c) in Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 allows remote attackers to cause a denial of service (infinite loop and crash) via multiple long requests to
21-08-2010 - 01:22 14-08-2008 - 19:41
CVE-2008-2729 4.9
arch/x86_64/lib/copy_user.S in the Linux kernel before 2.6.19 on some AMD64 systems does not erase destination memory locations after an exception during kernel memory copy, which allows local users to obtain sensitive information.
21-08-2010 - 01:21 30-06-2008 - 18:41
CVE-2008-2366 4.4
Untrusted search path vulnerability in a certain Red Hat build script for OpenOffice.org (OOo) 1.1.x on Red Hat Enterprise Linux (RHEL) 3 and 4 allows local users to gain privileges via a malicious library in the current working directory, related to
21-08-2010 - 01:20 16-06-2008 - 14:41
CVE-2008-1946 4.4
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.s
21-08-2010 - 01:19 28-07-2008 - 13:41
CVE-2008-1376 7.5
A certain Red Hat build script for nfs-utils before 1.0.9-35z.el5_2 on Red Hat Enterprise Linux (RHEL) 5 omits TCP wrappers support, which might allow remote attackers to bypass intended access restrictions.
21-08-2010 - 01:18 01-08-2008 - 10:41
CVE-2008-0598 4.9
Unspecified vulnerability in the 32-bit and 64-bit emulation in the Linux kernel 2.6.9, 2.6.18, and probably other versions allows local users to read uninitialized memory via unknown vectors involving a crafted binary.
21-08-2010 - 01:16 30-06-2008 - 18:41
CVE-2008-0597 5.0
Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets.
21-08-2010 - 01:16 25-02-2008 - 19:44
CVE-2007-6725 7.5
The CCITTFax decoding filter in Ghostscript 8.60, 8.61, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PDF file that triggers a buffer underflow in the cf_de
21-08-2010 - 01:15 08-04-2009 - 12:30
CVE-2007-6451 4.3
Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory.
21-08-2010 - 01:14 19-12-2007 - 17:46
CVE-2007-6450 5.0
The RPL dissector in Wireshark (formerly Ethereal) 0.9.8 to 0.99.6 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
21-08-2010 - 01:14 19-12-2007 - 17:46
CVE-2007-6282 7.1
The IPsec implementation in Linux kernel before 2.6.25 allows remote routers to cause a denial of service (crash) via a fragmented ESP packet in which the first fragment does not contain the entire ESP header and IV.
21-08-2010 - 01:13 07-05-2008 - 20:20
CVE-2007-6277 9.3
Multiple buffer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via large (1) Metadata Block Size, (2) VORBIS Comment String Size, (3) Picture Metadata MIME-TYPE Size,
21-08-2010 - 01:13 07-12-2007 - 06:46
CVE-2007-5093 4.0
The disconnect method in the Philips USB Webcam (pwc) driver in Linux kernel 2.6.x before 2.6.22.6 "relies on user space to close the device," which allows user-assisted local attackers to cause a denial of service (USB subsystem hang and CPU consump
21-08-2010 - 01:11 26-09-2007 - 17:17
CVE-2007-4782 5.0
PHP before 5.2.3 allows context-dependent attackers to cause a denial of service (application crash) via (1) a long string in the pattern parameter to the glob function; or (2) a long string in the string parameter to the fnmatch function, accompanie
21-08-2010 - 01:10 10-09-2007 - 17:17
CVE-2007-4670 5.0
Unspecified vulnerability in PHP before 5.2.4 has unknown impact and attack vectors, related to an "Improved fix for MOPB-03-2007," probably a variant of CVE-2007-1285.
21-08-2010 - 01:10 04-09-2007 - 20:17
CVE-2007-4134 6.8
Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
21-08-2010 - 01:09 30-08-2007 - 18:17
CVE-2007-4066 4.3
Multiple buffer overflows in Xiph.Org libvorbis before 1.2.0 allow context-dependent attackers to cause a denial of service or have other unspecified impact via a crafted OGG file, aka trac Changesets 13162, 13168, 13169, 13170, 13172, 13211, and 132
21-08-2010 - 01:09 21-09-2007 - 15:17
CVE-2007-4065 4.3
lib/vorbisfile.c in libvorbisfile in Xiph.Org libvorbis before 1.2.0 allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted OGG file, aka trac Changeset 13217.
21-08-2010 - 01:09 21-09-2007 - 15:17
CVE-2007-4033 7.5
Buffer overflow in the intT1_EnvGetCompletePath function in lib/t1lib/t1env.c in t1lib 5.1.1 allows context-dependent attackers to execute arbitrary code via a long FileName parameter. NOTE: this issue was originally reported to be in the imagepsloa
21-08-2010 - 01:09 27-07-2007 - 18:30
CVE-2007-3848 1.9
Linux kernel 2.4.35 and other versions allows local users to send arbitrary signals to a child process that is running at higher privileges by causing a setuid-root parent process to die, which delivers an attacker-controlled parent process death sig
21-08-2010 - 01:08 14-08-2007 - 13:17
CVE-2007-3843 4.3
The Linux kernel before 2.6.23-rc1 checks the wrong global variable for the CIFS sec mount option, which might allow remote attackers to spoof CIFS network traffic that the client configured for security signatures, as demonstrated by lack of signing
21-08-2010 - 01:08 09-08-2007 - 17:17
CVE-2007-3739 4.7
mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.
21-08-2010 - 01:08 13-09-2007 - 21:17
CVE-2007-3105 4.6
Stack-based buffer overflow in the random number generator (RNG) implementation in the Linux kernel before 2.6.22 might allow local root users to cause a denial of service or gain privileges by setting the default wakeup threshold to a value greater
21-08-2010 - 01:07 27-07-2007 - 17:30
CVE-2007-2721 4.3
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as origina
21-08-2010 - 01:06 16-05-2007 - 16:30
CVE-2006-7234 4.6
Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious (1) .mailcap and (2) mime.types files in the current working directory.
21-08-2010 - 00:59 27-10-2008 - 13:21
CVE-2006-7230 4.3
Perl-Compatible Regular Expression (PCRE) library before 7.0 does not properly calculate the amount of memory needed for a compiled regular expression pattern when the (1) -x or (2) -i UTF-8 options change within the pattern, which allows context-dep
21-08-2010 - 00:59 15-11-2007 - 14:46
CVE-2006-7227 6.8
Integer overflow in Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to execute arbitrary code via a regular expression containing a large number of named subpatterns (name_count) or long subpattern name
21-08-2010 - 00:59 14-11-2007 - 16:46
CVE-2006-7226 4.3
Perl-Compatible Regular Expression (PCRE) library before 6.7 does not properly calculate the compiled memory allocation for regular expressions that involve a quantified "subpattern containing a named recursion or subroutine reference," which allows
21-08-2010 - 00:59 03-12-2007 - 15:46
CVE-2006-7225 4.3
Perl-Compatible Regular Expression (PCRE) library before 6.7 allows context-dependent attackers to cause a denial of service (error or crash) via a regular expression that involves a "malformed POSIX character class", as demonstrated via an invalid c
21-08-2010 - 00:59 03-12-2007 - 15:46
CVE-2006-7176 4.3
The version of Sendmail 8.13.1-2 on Red Hat Enterprise Linux 4 Update 4 and earlier does not reject the "localhost.localdomain" domain name for e-mail messages that come from external hosts, which might allow remote attackers to spoof messages.
21-08-2010 - 00:59 27-03-2007 - 19:19
CVE-2005-4872 4.3
Perl-Compatible Regular Expression (PCRE) library before 6.2 does not properly count the number of named capturing subpatterns, which allows context-dependent attackers to cause a denial of service (crash) via a regular expression with a large number
21-08-2010 - 00:37 31-12-2005 - 00:00
CVE-2005-4798 5.0
Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the
21-08-2010 - 00:37 31-12-2005 - 00:00
CVE-2005-3184 10.0
Buffer overflow vulnerability in the unicode_to_bytes in the Service Location Protocol (srvloc) dissector (packet-srvloc.c) in Ethereal allows remote attackers to execute arbitrary code via a srvloc packet with a modified length value.
21-08-2010 - 00:33 20-10-2005 - 19:02
CVE-2005-1470 5.0
Multiple unknown vulnerabilities in the (1) TZSP, (2) MGCP, (3) ISUP, (4) SMB, or (5) Bittorrent dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (segmentation fault) via unknown vectors.
21-08-2010 - 00:28 05-05-2005 - 00:00
CVE-2005-1038 2.1
crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2
21-08-2010 - 00:27 02-05-2005 - 00:00
CVE-2005-0765 5.0
Unknown vulnerability in the JXTA dissector in Ethereal 0.10.9 allows remote attackers to cause a denial of service (application crash).
21-08-2010 - 00:26 12-03-2005 - 00:00
CVE-2005-0718 5.0
Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (segmentation fault) by aborting the connection during a (1) PUT or (2) POST request, which causes Squid to access previously freed memory.
21-08-2010 - 00:26 14-04-2005 - 00:00
CVE-2005-0706 7.5
Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0578 2.1
Firefox before 1.0.1 and Mozilla Suite before 1.7.6 use a predictable filename for the plugin temporary directory, which allows local users to delete arbitrary files of other users via a symlink attack on the plugtmp directory.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0469 7.5
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0468 7.5
Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers m
21-08-2010 - 00:26 02-05-2005 - 00:00
CVE-2005-0206 7.5
The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
21-08-2010 - 00:25 27-04-2005 - 00:00
CVE-2005-0021 7.2
Multiple buffer overflows in Exim before 4.43 may allow attackers to execute arbitrary code via (1) an IPv6 address with more than 8 components, as demonstrated using the -be command line option, which triggers an overflow in the host_aton function,
21-08-2010 - 00:25 02-05-2005 - 00:00
CVE-2004-1270 2.1
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to
21-08-2010 - 00:22 10-01-2005 - 00:00
CVE-2004-0747 4.6
Buffer overflow in Apache 2.0.50 and earlier allows local users to gain apache privileges via a .htaccess file that causes the overflow during expansion of environment variables.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-0233 2.1
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
21-08-2010 - 00:20 18-08-2004 - 00:00
CVE-2004-0097 10.0
Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2004-0003 4.6
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2003-0859 4.9
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
21-08-2010 - 00:16 15-12-2003 - 00:00
CVE-2003-0427 7.5
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
21-08-2010 - 00:16 24-07-2003 - 00:00
CVE-2009-1580 5.8
Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web sessions via a crafted cookie.
21-08-2010 - 00:00 14-05-2009 - 13:30
CVE-2009-1044 9.3
Mozilla Firefox 3.0.7 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors related to the _moveToEdgeShift XUL tree method, which triggers garbage collection on objects that are still in use, as demonstrated by Nils duri
21-08-2010 - 00:00 23-03-2009 - 10:19
CVE-2009-0166 4.3
The JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and other products allows remote attackers to cause a denial of service (crash) via a crafted PDF file that triggers a free of uninitialized memory.
21-08-2010 - 00:00 23-04-2009 - 13:30
CVE-2009-0163 6.8
Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and earlier allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a crafted TIFF image, which is not properly handled by the (1)
21-08-2010 - 00:00 23-04-2009 - 13:30
CVE-2009-0148 9.3
Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as (1) source-code tokens and (2) pathnames, related to integer overflows in some cases. NOTE: this issue exists because
21-08-2010 - 00:00 05-05-2009 - 13:30
CVE-2008-4310 7.8
httputils.rb in WEBrick in Ruby 1.8.1 and 1.8.5, as used in Red Hat Enterprise Linux 4 and 5, allows remote attackers to cause a denial of service (CPU consumption) via a crafted HTTP request. NOTE: this issue exists because of an incomplete fix for
21-08-2010 - 00:00 08-12-2008 - 19:30
CVE-2007-6698 4.0
The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service (crash) via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerabilit
21-08-2010 - 00:00 01-02-2008 - 17:00
CVE-2007-5494 4.9
Memory leak in the Red Hat Content Accelerator kernel patch in Red Hat Enterprise Linux (RHEL) 4 and 5 allows local users to cause a denial of service (memory consumption) via a large number of open requests involving O_ATOMICLOOKUP.
21-08-2010 - 00:00 29-11-2007 - 21:46
CVE-2007-3104 4.9
The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a null pointer to an inode in a dentry.
21-08-2010 - 00:00 26-06-2007 - 14:30
CVE-2006-6921 2.1
Unspecified versions of the Linux kernel allow local users to cause a denial of service (unrecoverable zombie process) via a program with certain instructions that prevent init from properly reaping a child whose parent has died.
21-08-2010 - 00:00 12-01-2007 - 18:28
CVE-2005-1468 5.0
Multiple unknown vulnerabilities in the (1) WSP, (2) Q.931, (3) H.245, (4) KINK, (5) MGCP, (6) RPC, (7) SMBMailslot, and (8) SMB NETLOGON dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service (crash) via unknown ve
21-08-2010 - 00:00 05-05-2005 - 00:00
Back to Top Mark selected
Back to Top