| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a .avi file with certain large "indx truck size" and nEntriesInuse values. |
| The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow. |
| unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite loop) via a ZOO archive with a direntry structure that points to a previous file. |
| xscreensaver 5.03 and earlier, when running without xscreensaver-gl-extras (GL extras) installed, crashes when /usr/bin/xscreensaver-gl-helper does not exist and a user attempts to unlock the screen, which allows attackers with physical access to gain access to the locked session. |
| The 64-bit versions of Microsoft Visual C++ 8.0 standard library (MSVCR80.DLL) time functions, including (1) localtime, (2) localtime_s, (3) gmtime, (4) gmtime_s, (5) ctime, (6) ctime_s, (7) wctime, (8) wctime_s, and (9) fstat, trigger an assertion error instead of a NULL pointer or EINVAL when processing a time argument later than Jan 1, 3000, which might allow context-dependent attackers to cause a denial of service (application exit) via large time values. NOTE: it could be argued that this is a design limitation of the functions, and the vulnerability lies with any application that does not validate arguments to these functions. However, this behavior is inconsistent with documentation, which does not list assertions as a possible result of an error condition. |
| The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message. |
| Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption. |
| CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. |
| Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with a malformed picture index that triggers memory corruption, related to handling of CString objects, aka "Memory Allocation Vulnerability." |
| Unspecified vulnerability in Sun Java SE in JDK and JRE 5.0 before Update 22, JDK and JRE 6 before Update 17, SDK and JRE 1.3.x before 1.3.1_27, and SDK and JRE 1.4.x before 1.4.2_24 allows remote attackers to cause a denial of service (memory consumption) via crafted HTTP headers, which are not properly parsed by the ASN.1 DER input stream parser, aka Bug Id 6864911. |
| Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers. |
| Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption. |
| Unspecified vulnerability in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.2 might allow user-assisted remote attackers to cause a denial of service via a crafted Data Standards File (Datatype Standards File). |
| charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which allows remote attackers to cause a denial of service via an IKE_AUTH request without a (1) TSi or (2) TSr traffic selector. |
| The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376. |
| Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an __defineSetter__ function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted document, related to a certain pointer misinterpretation. |
| Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cpp, (2) nsXMLContentSink.cpp, and (3) nsPresShell.cpp, and the nsSubDocumentFrame::Reflow function. |
| Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle attempts to access deleted objects in memory, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Memory Corruption Vulnerability." |
| Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree." |
| The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments. |