Total
1229 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-5713 | 2 Amxmodx, Valve Software | 2 Amx Mod X, Half-life Dedicated Server | 2023-12-10 | 7.5 HIGH | N/A |
Off-by-one error in the GeoIP module in the AMX Mod X 1.76d plugin for Half-Life Server might allow attackers to execute arbitrary code or cause a denial of service via unspecified input related to geolocation, which triggers an error message from the (1) geoip_code2 or (2) geoip_code3 function, leading to a buffer overflow. | |||||
CVE-2007-5902 | 1 Mit | 1 Kerberos 5 | 2023-12-10 | 10.0 HIGH | N/A |
Integer overflow in the svcauth_gss_get_principal function in lib/rpc/svc_auth_gss.c in MIT Kerberos 5 (krb5) allows remote attackers to have an unknown impact via a large length value for a GSS client name in an RPC request. | |||||
CVE-2007-6359 | 1 Apple | 1 Mac Os X | 2023-12-10 | 4.9 MEDIUM | N/A |
The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL. | |||||
CVE-2006-2327 | 1 Novell | 1 Netware | 2023-12-10 | 6.4 MEDIUM | N/A |
Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. | |||||
CVE-2006-3879 | 1 Miod Vallat | 1 Mikmod | 2023-12-10 | 5.0 MEDIUM | N/A |
Integer overflow in the loadChunk function in loaders/load_gt2.c in libmikmod in Mikmod Sound System 3.2.2 allows remote attackers to cause a denial of service via a GRAOUMF TRACKER (GT2) module file with a large (0xffffffff) comment length value in an XCOM chunk. | |||||
CVE-2005-2754 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Integer overflow in Apple QuickTime before 7.0.3 allows user-assisted attackers to execute arbitrary code via a crafted MOV file with "Improper movie attributes." | |||||
CVE-2006-2197 | 1 Wvware | 1 Wv2 | 2023-12-10 | 6.5 MEDIUM | N/A |
Integer overflow in wv2 before 0.2.3 might allow context-dependent attackers to execute arbitrary code via a crafted Microsoft Word document. | |||||
CVE-2006-1462 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to execute arbitrary code via a crafted QuickTime H.264 (M4V) video format file. | |||||
CVE-2006-0020 | 1 Microsoft | 6 Windows 2000, Windows 2003 Server, Windows 98 and 3 more | 2023-12-10 | 9.3 HIGH | N/A |
An unspecified Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000 SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, allows attackers to cause a denial of service (crash) and possibly execute code via a crafted WMF file with a manipulated WMF header size, possibly involving an integer overflow, a different vulnerability than CVE-2005-4560, and aka "WMF Image Parsing Memory Corruption Vulnerability." | |||||
CVE-2005-3709 | 1 Apple | 1 Quicktime | 2023-12-10 | 7.5 HIGH | N/A |
Integer underflow in Apple Quicktime before 7.0.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Color Map Entry Size in a TGA image file. | |||||
CVE-2005-1852 | 4 Centericq, Ekg, Kadu and 1 more | 4 Centericq, Ekg, Kadu and 1 more | 2023-12-10 | 7.5 HIGH | N/A |
Multiple integer overflows in libgadu, as used in Kopete in KDE 3.2.3 to 3.4.1, ekg before 1.6rc3, GNU Gadu, CenterICQ, Kadu, and other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an incoming message. | |||||
CVE-2005-1704 | 1 Gnu | 1 Gdb | 2023-12-10 | 4.6 MEDIUM | N/A |
Integer overflow in the Binary File Descriptor (BFD) library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer overflow. | |||||
CVE-2005-4837 | 2 Net-snmp, Sourceforge | 2 Net-snmp, Net-snmp | 2023-12-10 | 10.0 HIGH | N/A |
snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177. | |||||
CVE-2005-3624 | 18 Conectiva, Debian, Easy Software Products and 15 more | 33 Linux, Debian Linux, Cups and 30 more | 2023-12-10 | 5.0 MEDIUM | N/A |
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. | |||||
CVE-2006-1467 | 1 Apple | 1 Itunes | 2023-12-10 | 5.1 MEDIUM | N/A |
Integer overflow in the AAC file parsing code in Apple iTunes before 6.0.5 on Mac OS X 10.2.8 or later, and Windows XP and 2000, allows remote user-assisted attackers to execute arbitrary code via an AAC (M4P, M4A, or M4B) file with a sample table size (STSZ) atom with a "malformed" sample_size_table value. | |||||
CVE-2005-2495 | 1 Xfree86 Project | 1 Xfree86 | 2023-12-10 | 5.1 MEDIUM | N/A |
Multiple integer overflows in XFree86 before 4.3.0 allow user-assisted attackers to execute arbitrary code via a crafted pixmap image. | |||||
CVE-2006-3082 | 1 Gnupg | 1 Gnupg | 2023-12-10 | 5.0 MEDIUM | N/A |
parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions, allows remote attackers to cause a denial of service (gpg crash) and possibly overwrite memory via a message packet with a large length (long user ID string), which could lead to an integer overflow, as demonstrated using the --no-armor option. | |||||
CVE-2006-1834 | 1 Opera | 1 Opera Browser | 2023-12-10 | 5.1 MEDIUM | N/A |
Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check. NOTE: a sign extension problem makes the attack easier with shorter strings. | |||||
CVE-2006-1459 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Multiple integer overflows in Apple QuickTime before 7.1 allow remote attackers to cause a denial of service or execute arbitrary code via a crafted QuickTime movie (.MOV). | |||||
CVE-2006-1458 | 1 Apple | 1 Quicktime | 2023-12-10 | 5.1 MEDIUM | N/A |
Integer overflow in Apple QuickTime Player before 7.1 allows remote attackers to execute arbitrary code via a crafted JPEG image. |