Total
2696 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-1531 | 1 Microsoft | 2 Windows Vista, Windows Xp | 2018-10-16 | 5.0 MEDIUM | N/A |
| Microsoft Windows XP and Vista overwrites ARP table entries included in gratuitous ARP, which allows remote attackers to cause a denial of service (loss of network access) by sending a gratuitous ARP for the address of the Vista host. | |||||
| CVE-2007-1308 | 1 Kde | 1 Konqueror | 2018-10-16 | 4.3 MEDIUM | N/A |
| ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference. | |||||
| CVE-2007-1238 | 1 Microsoft | 1 Office | 2018-10-16 | 4.3 MEDIUM | N/A |
| Microsoft Office 2003 allows user-assisted remote attackers to cause a denial of service (application crash) by attempting to insert a corrupted WMF file. | |||||
| CVE-2007-1211 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2018-10-16 | 7.1 HIGH | N/A |
| Unspecified kernel GDI functions in Microsoft Windows 2000 SP4; XP SP2; and Server 2003 Gold, SP1, and SP2 allows user-assisted remote attackers to cause a denial of service (possibly persistent restart) via a crafted Windows Metafile (WMF) image that causes an invalid dereference of an offset in a kernel structure, a related issue to CVE-2005-4560. | |||||
| CVE-2007-1209 | 1 Microsoft | 1 Windows Vista | 2018-10-16 | 7.2 HIGH | N/A |
| Use-after-free vulnerability in the Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a "dangling pointer" to a process data structure. | |||||
| CVE-2007-0197 | 1 Apple | 1 Mac Os X | 2018-10-16 | 6.8 MEDIUM | N/A |
| Finder 10.4.6 on Apple Mac OS X 10.4.8 allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a long volume name in a DMG disk image, which results in memory corruption. | |||||
| CVE-2008-2543 | 1 Asterisk | 1 Asterisk-addons | 2018-10-15 | 5.0 MEDIUM | N/A |
| The ooh323 channel driver in Asterisk Addons 1.2.x before 1.2.9 and Asterisk-Addons 1.4.x before 1.4.7 creates a remotely accessible TCP port that is intended solely for localhost communication, and interprets some TCP application-data fields as addresses of memory to free, which allows remote attackers to cause a denial of service (daemon crash) via crafted TCP packets. | |||||
| CVE-2008-0984 | 2 Miro, Videolan | 2 Miro Player, Vlc Media Player | 2018-10-15 | 9.3 HIGH | N/A |
| The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file. | |||||
| CVE-2008-0983 | 1 Lighttpd | 1 Lighttpd | 2018-10-15 | 5.0 MEDIUM | N/A |
| lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access. | |||||
| CVE-2008-0979 | 2 Double-take Software, Hp | 2 Double-take, Storageworks Double-take | 2018-10-15 | 5.0 MEDIUM | N/A |
| Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain packet that triggers the recursive calling of a function. | |||||
| CVE-2008-0977 | 1 Double-take Software | 1 Double-take | 2018-10-15 | 5.0 MEDIUM | N/A |
| Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain long packet that triggers an attempt to allocate a large amount of memory. | |||||
| CVE-2008-0976 | 2 Double-take Software, Hp | 2 Double-take, Storageworks Double-take | 2018-10-15 | 5.0 MEDIUM | N/A |
| Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a malformed packet, as demonstrated by a packet of type (1) 0x2722 or (2) 0x272a. | |||||
| CVE-2008-0974 | 2 Double-take Software, Hp | 2 Double-take, Storageworks Double-take | 2018-10-15 | 5.0 MEDIUM | N/A |
| Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector<T> value, which raises a "vector<T> too long" exception; or (2) a certain packet that raises an ospace/time/src\date.cpp exception. | |||||
| CVE-2008-0667 | 1 Adobe | 1 Acrobat Reader | 2018-10-15 | 4.3 MEDIUM | N/A |
| The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655. | |||||
| CVE-2008-0658 | 1 Openldap | 1 Openldap | 2018-10-15 | 4.0 MEDIUM | N/A |
| slapd/back-bdb/modrdn.c in the BDB backend for slapd in OpenLDAP 2.3.39 allows remote authenticated users to cause a denial of service (daemon crash) via a modrdn operation with a NOOP (LDAP_X_NO_OPERATION) control, a related issue to CVE-2007-6698. | |||||
| CVE-2008-0597 | 2 Easy Software Products, Redhat | 3 Cups, Desktop, Enterprise Linux | 2018-10-15 | 5.0 MEDIUM | N/A |
| Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets. | |||||
| CVE-2008-0419 | 1 Mozilla | 2 Firefox, Seamonkey | 2018-10-15 | 9.3 HIGH | N/A |
| Mozilla Firefox before 2.0.0.12 and SeaMonkey before 1.1.8 allows remote attackers to steal navigation history and cause a denial of service (crash) via images in a page that uses designMode frames, which triggers memory corruption related to resize handles. | |||||
| CVE-2008-0212 | 4 Hp, Linux, Microsoft and 1 more | 5 Hp-ux, Openview Network Node Manager, Linux Kernel and 2 more | 2018-10-15 | 7.8 HIGH | N/A |
| ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access. | |||||
| CVE-2008-0109 | 1 Microsoft | 2 Office, Word | 2018-10-15 | 9.3 HIGH | N/A |
| Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption. | |||||
| CVE-2008-0095 | 1 Asterisk | 5 Asterisk Appliance Developer Kit, Asterisk Business Edition, Asterisknow and 2 more | 2018-10-15 | 5.0 MEDIUM | N/A |
| The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header, which triggers a NULL pointer dereference. | |||||