Total
1224 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1930 | 1 Novell | 1 Imanager | 2018-10-10 | 5.0 MEDIUM | N/A |
| Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc. | |||||
| CVE-2010-1519 | 1 Glpng | 1 Glpng | 2018-10-10 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in glpng.c in glpng 1.45 allow context-dependent attackers to execute arbitrary code via a crafted PNG image, related to (1) the pngLoadRawF function and (2) the pngLoadF function, leading to heap-based buffer overflows. | |||||
| CVE-2010-1516 | 1 Swftools | 1 Swftools | 2018-10-10 | 9.3 HIGH | N/A |
| Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via (1) a crafted PNG file, related to the getPNG function in lib/png.c; or (2) a crafted JPEG file, related to the jpeg_load function in lib/jpeg.c. | |||||
| CVE-2010-1513 | 1 Daniel Mealha Cabrita | 1 Ziproxy | 2018-10-10 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in src/image.c in Ziproxy before 3.0.1 allow remote attackers to execute arbitrary code via (1) a large JPG image, related to the jpg2bitmap function or (2) a large PNG image, related to the png2bitmap function, leading to heap-based buffer overflows. | |||||
| CVE-2010-1199 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to execute arbitrary code via a large text value for a node. | |||||
| CVE-2010-1103 | 1 Mesadynamics | 1 Stainless | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in Stainless allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
| CVE-2010-1102 | 1 Omnigroup | 1 Omniweb | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in OmniWeb allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
| CVE-2010-1101 | 1 Icab | 1 Icab | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in Alexander Clauss iCab allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
| CVE-2010-1100 | 1 Arora-browser | 1 Arora | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in Arora allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
| CVE-2010-1099 | 1 Apple | 1 Safari | 2018-10-10 | 5.0 MEDIUM | N/A |
| Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on outbound TCP connections via a port number outside the range of the unsigned short data type, as demonstrated by a value of 65561 for TCP port 25. | |||||
| CVE-2010-0766 | 1 Luxology | 1 Modo | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in the Swap4 function in valet4.dll in Luxology Modo 401 allows user-assisted remote attackers to execute arbitrary code via a .LXO file containing a CHNL subchunk associated with an invalid length. | |||||
| CVE-2010-0519 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2018-10-10 | 6.8 MEDIUM | N/A |
| Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a FlashPix image with a malformed SubImage Header Stream containing a NumberOfTiles field with a large value. | |||||
| CVE-2010-0280 | 2 Google, Jan Eric Krprianidis | 2 Google Sketchup, Lib3ds | 2018-10-10 | 9.3 HIGH | N/A |
| Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via crafted structures in a 3DS file, probably related to mesh.c. | |||||
| CVE-2009-4356 | 1 Nullsoft | 1 Winamp | 2018-10-10 | 9.3 HIGH | N/A |
| Multiple integer overflows in the jpeg.w5s and png.w5s filters in Winamp before 5.57 allow remote attackers to execute arbitrary code via malformed (1) JPEG or (2) PNG data in an MP3 file. | |||||
| CVE-2009-4003 | 1 Adobe | 1 Shockwave Player | 2018-10-10 | 9.3 HIGH | N/A |
| Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption. | |||||
| CVE-2009-4001 | 1 Xnview | 1 Xnview | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow. | |||||
| CVE-2009-3997 | 1 Nullsoft | 1 Winamp | 2018-10-10 | 9.3 HIGH | N/A |
| Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57 might allow remote attackers to execute arbitrary code via an Oktalyzer file that triggers a heap-based buffer overflow. | |||||
| CVE-2009-3743 | 1 Artifex | 3 Afpl Ghostscript, Ghostscript Fonts, Gpl Ghostscript | 2018-10-10 | 9.3 HIGH | N/A |
| Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a malformed TrueType font in a document that trigger an integer overflow and a heap-based buffer overflow. | |||||
| CVE-2009-3586 | 1 Frank Yaul | 1 Corehttp | 2018-10-10 | 7.5 HIGH | N/A |
| Off-by-one error in src/http.c in CoreHTTP 0.5.3.1 and earlier allows remote attackers to cause a denial of service or possibly execute arbitrary code via an HTTP request with a long first line that triggers a buffer overflow. NOTE: this vulnerability reportedly exists because of an incorrect fix for CVE-2007-4060. | |||||
| CVE-2009-2754 | 2 Emc, Ibm | 2 Legato Networker, Informix Dynamic Server | 2018-10-10 | 10.0 HIGH | N/A |
| Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow. | |||||