Total
105 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2009-1217 | 1 Microsoft | 2 Gdi\+, Windows Xp | 2023-12-10 | 4.3 MEDIUM | N/A |
Off-by-one error in the GpFont::SetData function in gdiplus.dll in Microsoft GDI+ on Windows XP allows remote attackers to cause a denial of service (stack corruption and application termination) via a crafted EMF file that triggers an integer overflow, as demonstrated by voltage-exploit.emf, aka the "Microsoft GdiPlus EMF GpFont.SetData integer overflow." | |||||
CVE-2008-3535 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2023-12-10 | 4.9 MEDIUM | N/A |
Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the Linux Test Project. | |||||
CVE-2008-3964 | 1 Libpng | 1 Libpng | 2023-12-10 | 4.3 MEDIUM | N/A |
Multiple off-by-one errors in libpng before 1.2.32beta01, and 1.4 before 1.4.0beta34, allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a PNG image with crafted zTXt chunks, related to (1) the png_push_read_zTXt function in pngread.c, and possibly related to (2) pngtest.c. | |||||
CVE-2007-2052 | 1 Python | 1 Python | 2023-12-10 | 5.0 MEDIUM | N/A |
Off-by-one error in the PyLocale_strxfrm function in Modules/_localemodule.c for Python 2.4 and 2.5 causes an incorrect buffer size to be used for the strxfrm function, which allows context-dependent attackers to read portions of memory via unknown manipulations that trigger a buffer over-read due to missing null termination. | |||||
CVE-2005-1268 | 3 Apache, Debian, Redhat | 5 Http Server, Debian Linux, Enterprise Linux Desktop and 2 more | 2023-12-10 | 5.0 MEDIUM | N/A |
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte. |