Total
1228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-3389 | 1 Mozilla | 2 Firefox, Seamonkey | 2025-04-09 | 9.3 HIGH | N/A |
| Integer overflow in libtheora in Xiph.Org Theora before 1.1, as used in Mozilla Firefox 3.5 before 3.5.6 and SeaMonkey before 2.0.1, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a video with large dimensions. | |||||
| CVE-2009-3930 | 1 Christos Zoulas | 1 File | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow. | |||||
| CVE-2009-1924 | 1 Microsoft | 2 Windows 2000, Windows 2003 Server | 2025-04-09 | 9.3 HIGH | N/A |
| Integer overflow in the Windows Internet Name Service (WINS) component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability." | |||||
| CVE-2009-2295 | 1 Jun Furuse | 1 Camlimages | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple integer overflows in CamlImages 2.2 and earlier might allow context-dependent attackers to execute arbitrary code via a crafted PNG image with large width and height values that trigger a heap-based buffer overflow in the (1) read_png_file or (2) read_png_file_as_rgb24 function. | |||||
| CVE-2007-1797 | 1 Imagemagick | 1 Imagemagick | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote attackers to execute arbitrary code via (1) a crafted DCM image, which results in a heap-based overflow in the ReadDCMImage function, or (2) the (a) colors or (b) comments field in a crafted XWD image, which results in a heap-based overflow in the ReadXWDImage function, different issues than CVE-2007-1667. | |||||
| CVE-2008-4061 | 3 Canonical, Debian, Mozilla | 5 Ubuntu Linux, Debian Linux, Firefox and 2 more | 2025-04-09 | 10.0 HIGH | N/A |
| Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via an mtd element with a large integer value in the rowspan attribute, related to the layout engine. | |||||
| CVE-2007-1667 | 3 Canonical, Debian, X.org | 3 Ubuntu Linux, Debian Linux, Libx11 | 2025-04-09 | 9.3 HIGH | N/A |
| Multiple integer overflows in (1) the XGetPixel function in ImUtil.c in X.Org libx11 before 1.0.3, and (2) XInitImage function in xwd.c for ImageMagick, allow user-assisted remote attackers to cause a denial of service (crash) or obtain sensitive information via crafted images with large or negative values that trigger a buffer overflow. | |||||
| CVE-2008-0434 | 1 Gecad Technologies | 1 Axigen Mail Server | 2025-04-09 | 9.3 HIGH | N/A |
| Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command. | |||||
| CVE-2009-2584 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 7.2 HIGH | N/A |
| Off-by-one error in the options_write function in drivers/misc/sgi-gru/gruprocfs.c in the SGI GRU driver in the Linux kernel 2.6.30.2 and earlier on ia64 and x86 platforms might allow local users to overwrite arbitrary memory locations and gain privileges via a crafted count argument, which triggers a stack-based buffer overflow. | |||||
| CVE-2009-2500 | 1 Microsoft | 27 .net Framework, Excel Viewer, Expression Web and 24 more | 2025-04-09 | 9.3 HIGH | N/A |
| Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability." | |||||
| CVE-2008-4220 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-09 | 10.0 HIGH | N/A |
| Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. NOTE: this may be related to the WLB-2008080064 advisory published by SecurityReason on 20080822; however, as of 20081216, there are insufficient details to be sure. | |||||
| CVE-2009-0794 | 1 Sun | 1 Openjdk | 2025-04-09 | 5.0 MEDIUM | N/A |
| Integer overflow in the PulseAudioTargetDataL class in src/java/org/classpath/icedtea/pulseaudio/PulseAudioTargetDataLine.java in Pulse-Java, as used in OpenJDK 1.6.0.0 and other products, allows remote attackers to cause a denial of service (applet crash) via a crafted Pulse Audio source data line. | |||||
| CVE-2009-1856 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-09 | 9.3 HIGH | N/A |
| Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows attackers to cause a denial of service or possibly execute arbitrary code via a PDF file containing unspecified parameters to the FlateDecode filter, which triggers a heap-based buffer overflow. | |||||
| CVE-2009-1187 | 1 Poppler | 1 Poppler | 2025-04-09 | 5.0 MEDIUM | N/A |
| Integer overflow in the JBIG2 decoding feature in Poppler before 0.10.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to CairoOutputDev (CairoOutputDev.cc). | |||||
| CVE-2009-3201 | 1 Rob Schultz | 1 Media Player Classic | 2025-04-09 | 4.3 MEDIUM | N/A |
| Integer overflow in Media Player Classic 6.4.9 allows user-assisted remote attackers to cause a denial of service (application crash) via a MIDI file (.mid) with a malformed header, which triggers a buffer overflow, a different vulnerability than CVE-2007-4940. | |||||
| CVE-2008-5745 | 1 Microsoft | 1 Windows Media Player | 2025-04-09 | 4.3 MEDIUM | N/A |
| Integer overflow in quartz.dll in the DirectShow framework in Microsoft Windows Media Player (WMP) 9, 10, and 11, including 11.0.5721.5260, allows remote attackers to cause a denial of service (application crash) via a crafted (1) WAV, (2) SND, or (3) MID file. NOTE: this has been incorrectly reported as a code-execution vulnerability. NOTE: it is not clear whether this issue is related to CVE-2008-4927. | |||||
| CVE-2009-1179 | 4 Apple, Foolabs, Glyphandcog and 1 more | 4 Cups, Xpdf, Xpdfreader and 1 more | 2025-04-09 | 6.8 MEDIUM | N/A |
| Integer overflow in the JBIG2 decoder in Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, Poppler before 0.10.6, and other products allows remote attackers to execute arbitrary code via a crafted PDF file. | |||||
| CVE-2008-3135 | 1 Secretwars | 1 Soldner Secret Wars | 2025-04-09 | 7.8 HIGH | N/A |
| Soldner Secret Wars 33724 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a large numeric value in a 0x80 data block. | |||||
| CVE-2007-1001 | 1 Php | 1 Php | 2025-04-09 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in the (1) createwbmp and (2) readwbmp functions in wbmp.c in the GD library (libgd) in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allow context-dependent attackers to execute arbitrary code via Wireless Bitmap (WBMP) images with large width or height values. | |||||
| CVE-2008-1420 | 2 Redhat, Xiph.org | 3 Enterprise Linux, Linux Advanced Workstation, Libvorbis | 2025-04-09 | 6.8 MEDIUM | N/A |
| Integer overflow in residue partition value (aka partvals) evaluation in Xiph.org libvorbis 1.2.0 and earlier allows remote attackers to execute arbitrary code via a crafted OGG file, which triggers a heap overflow. | |||||