Total
1227 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-2788 | 1 Sun | 3 Jdk, Jre, Sdk | 2025-04-09 | 6.8 MEDIUM | N/A |
Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit (JDK) before 1.5.0_11-b03 and 1.6.x before 1.6.0_01-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.2_14 and earlier, and SDK and JRE 1.3.1_20 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (JVM crash) via a crafted JPEG or BMP file that triggers a buffer overflow. | |||||
CVE-2008-5744 | 1 Asterisk | 1 Zaptel | 2025-04-09 | 7.2 HIGH | N/A |
Array index error in the dahdi/tor2.c driver in Zaptel (aka DAHDI) 1.4.11 and earlier allows local users in the dialout group to overwrite an integer value in kernel memory by writing to /dev/zap/ctl, related to an incorrect tor2 patch for CVE-2008-5396 that uses the wrong variable in a range check against the value of lc->sync. | |||||
CVE-2007-5348 | 1 Microsoft | 16 Digital Image Suite, Forefront Client Security, Internet Explorer and 13 more | 2025-04-09 | 9.3 HIGH | N/A |
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image file with crafted gradient sizes in gradient fill input, which triggers a heap-based buffer overflow related to GdiPlus.dll and VGX.DLL, aka "GDI+ VML Buffer Overrun Vulnerability." | |||||
CVE-2007-5497 | 1 Ext2 Filesystems Utilities | 1 E2fsprogs | 2025-04-09 | 5.8 MEDIUM | N/A |
Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem image. | |||||
CVE-2008-2785 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2025-04-09 | 9.3 HIGH | N/A |
Mozilla Firefox before 2.0.0.16 and 3.x before 3.0.1, Thunderbird before 2.0.0.16, and SeaMonkey before 1.1.11 use an incorrect integer data type as a CSS object reference counter in the CSSValue array (aka nsCSSValue:Array) data structure, which allows remote attackers to execute arbitrary code via a large number of references to a common CSS object, leading to a counter overflow and a free of in-use memory, aka ZDI-CAN-349. | |||||
CVE-2009-0186 | 2 Mega-nerd, Nullsoft | 2 Libsndfile, Winamp | 2025-04-09 | 9.3 HIGH | N/A |
Integer overflow in libsndfile 1.0.18, as used in Winamp and other products, allows context-dependent attackers to execute arbitrary code via crafted description chunks in a CAF audio file, leading to a heap-based buffer overflow. | |||||
CVE-2008-1950 | 1 Gnu | 1 Gnutls | 2025-04-09 | 5.0 MEDIUM | N/A |
Integer signedness error in the _gnutls_ciphertext2compressed function in lib/gnutls_cipher.c in libgnutls in GnuTLS before 2.2.4 allows remote attackers to cause a denial of service (buffer over-read and crash) via a certain integer value in the Random field in an encrypted Client Hello message within a TLS record with an invalid Record Length, which leads to an invalid cipher padding length, aka GNUTLS-SA-2008-1-3. | |||||
CVE-2009-3638 | 1 Linux | 1 Linux Kernel | 2025-04-09 | 7.2 HIGH | N/A |
Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function. | |||||
CVE-2009-2688 | 1 Xemacs | 1 Xemacs | 2025-04-09 | 10.0 HIGH | N/A |
Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a crafted TIFF file, (2) the png_instantiate function processing a crafted PNG file, and (3) the jpeg_instantiate function processing a crafted JPEG file, all which trigger a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2009-0584 | 2 Argyllcms, Ghostscript | 2 Cms, Ghostscript | 2025-04-09 | 9.3 HIGH | N/A |
icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code by using a device file for processing a crafted image file associated with large integer values for certain sizes, related to an ICC profile in a (1) PostScript or (2) PDF file with embedded images. | |||||
CVE-2008-5284 | 1 Iea Software | 6 Air Marshal, Emerald, Radius Test Client and 3 more | 2025-04-09 | 10.0 HIGH | N/A |
The web server in IEA Software RadiusNT and RadiusX 5.1.38 and other versions before 5.1.44, Emerald 5.0.49 and other versions before 5.0.52, Air Marshal 2.0.4 and other versions before 2.0.8, and Radius test client (aka Radlogin) 4.0.20 and earlier, allows remote attackers to cause a denial of service (crash) via an HTTP Content-Length header with a negative value, which triggers a single byte overwrite of memory using a NULL terminator. NOTE: some of these details are obtained from third party information. | |||||
CVE-2008-1932 | 2 Microsoft, Realtek | 3 Windows-nt, Windows Vista, Hd Audio Codec Drivers | 2025-04-09 | 6.8 MEDIUM | N/A |
Integer overflow in Realtek HD Audio Codec Drivers RTKVHDA.sys and RTKVHDA64.sys before 6.0.1.5605 on Windows Vista allows local users to execute arbitrary code via a crafted IOCTL request. | |||||
CVE-2007-2296 | 1 Apple | 1 Quicktime | 2025-04-09 | 9.3 HIGH | N/A |
Integer overflow in the FlipFileTypeAtom_BtoN function in Apple Quicktime 7.1.5, and other versions before 7.2, allows remote attackers to execute arbitrary code via a crafted M4V (MP4) file. | |||||
CVE-2009-3874 | 2 Microsoft, Sun | 6 Windows, Java Se, Jdk and 3 more | 2025-04-09 | 9.3 HIGH | N/A |
Integer overflow in the JPEGImageReader implementation in the ImageI/O component in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to execute arbitrary code via large subsample dimensions in a JPEG file that triggers a heap-based buffer overflow, aka Bug Id 6874643. | |||||
CVE-2008-1034 | 1 Apple | 1 Mac Os X | 2025-04-09 | 9.3 HIGH | N/A |
Integer underflow in Help Viewer in Apple Mac OS X before 10.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted help:topic URL that triggers a buffer overflow. | |||||
CVE-2009-2415 | 1 Memcachedb | 1 Memcached | 2025-04-09 | 10.0 HIGH | N/A |
Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows. | |||||
CVE-2009-0607 | 1 Openhandsetalliance | 1 Android Sdk | 2025-04-09 | 7.2 HIGH | N/A |
Multiple integer overflows in malloc_leak.c in Bionic in Open Handset Alliance Android 1.0 have unknown impact and attack vectors, related to the (1) chk_calloc and (2) leak_calloc functions. | |||||
CVE-2008-5823 | 1 Microsoft | 2 Money, Windows Vista | 2025-04-09 | 4.3 MEDIUM | N/A |
An ActiveX control in prtstb06.dll in Microsoft Money 2006, when used with WScript in Windows Script Host (WSH) on Windows Vista, allows remote attackers to cause a denial of service (access violation and application crash) via a zero value for the Startup property. | |||||
CVE-2007-5266 | 1 Libpng | 1 Libpng | 2025-04-09 | 4.3 MEDIUM | N/A |
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1 allows remote attackers to cause a denial of service (crash) via a crafted PNG image that prevents a name field from being NULL terminated. | |||||
CVE-2007-5133 | 2 3ware, Microsoft | 5 3dm Disk Management Software, Windows 2003 Server, Windows Server 2003 and 2 more | 2025-04-09 | 7.1 HIGH | N/A |
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an integer overflow in PNG chunk size handling, as demonstrated by badlycrafted.png. |