denial of service

[ MDVSA-2010:087 ] poppler

 Problem Description:

 Multiple vulnerabilities have been found and corrected in poppler:
 
 Multiple buffer overflows in the JBIG2 decoder in Xpdf 3.02pl2
 and earlier allow remote attackers to cause a denial of service
 (crash) via a crafted PDF file, related to (1) setBitmap and (2)
 readSymbolDictSeg (CVE-2009-0146).
 
 Multiple integer overflows in the JBIG2 decoder in Xpdf 3.02pl2 and
 earlier allow remote attackers to cause a denial of service (crash)

[ MDVSA-2009:283 ] cups

 Problem Description:

 Multiple integer overflows in the JBIG2 decoder in
 Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and
 other products allow remote attackers to cause a denial
 of service (crash) via a crafted PDF file, related to (1)
 JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg,
 and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0146, CVE-2009-0147)
 
 Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and
 earlier allows remote attackers to cause a denial of service (daemon

[ MDVSA-2010:146 ] libtiff

 Multiple vulnerabilities have been discovered and corrected in libtiff:
 
 The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in
 ImageMagick, does not properly handle invalid ReferenceBlackWhite
 values, which allows remote attackers to cause a denial of service
 (application crash) via a crafted TIFF image that triggers an array
 index error, related to downsampled OJPEG input. (CVE-2010-2595)
 
 Multiple integer overflows in the Fax3SetupState function in tif_fax3.c
 in the FAX3 decoder in LibTIFF before 3.9.3 allow remote attackers to

[ MDVSA-2011:061 ] ffmpeg

 Multiple vulnerabilities have been identified and fixed in ffmpeg:
 
 oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain
 pointer arithmetic, which might allow remote attackers to obtain
 sensitive memory contents and cause a denial of service via a crafted
 file that triggers an out-of-bounds read. (CVE-2009-4632)
 
 vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a
 comparison operator was intended, which might allow remote attackers
 to cause a denial of service and possibly execute arbitrary code via

CORE-2012-0123 - SAP Netweaver Dispatcher Multiple Vulnerabilities

2. *Vulnerability Information*

Class: Buffer overflow [CWE-119]
Impact: Code execution, Denial of service
Remotely Exploitable: Yes
Locally Exploitable: No
CVE Name: CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512,
CVE-2012-2513, CVE-2012-2514


Oracle Secure Backup's observiced.exe Denial Of Service vulnerability

2009.January.13

Fortinet's FortiGuard Global Security Research Team Discovers a vulnerability in observiced.exe of Oracle Secure Backup 

Summary:
========

A Denial Of Service vulnerability exists in Oracle Secure Backup 10.2.0.2 observiced.exe through a malformed packet.


MS Internet Explorer 7 Denial Of Service Exploit

<!--

MS Internet Explorer 7 Denial Of Service Exploit

Type :

Denial Of Service

Release Date :


HTC Touch vCard over IP Denial of Service

Security Advisory

MSL-2008-002 - HTC Touch vCard over IP Denial of Service



Advisory Information
--------------------

Re: MS Internet Explorer 7 Denial Of Service Exploit

On 29 Sep 2008 19:59:55 -0000, UniquE@unique-key.org
<UniquE@unique-key.org> wrote:
> <!--
>
>  MS Internet Explorer 7 Denial Of Service Exploit
>
>  Type :
>
>  Denial Of Service
>

WinImage 8.10 vulnerabilities

Team Vexillium
Security Advisory
http://vexillium.org/

Name         : WinImage 8.10 Multiple Vulnerabilities
Class        : Denial of Service and Directory Traversal
Threat level : LOW (DoS), MED (Dir. traversal vuln)
Discovered   : 2007-08-31
Published    : 2007-09-15
Credit       : j00ru//vx
Vulnerable   : WinImage 8.10, 

[SECURITY] [DSA 2004-1] New Linux 2.6.24 packages fix several vulnerabilities

http://www.debian.org/security/                           Dann Frazier
February 27, 2010                   http://www.debian.org/security/faq
----------------------------------------------------------------------

Package        : linux-2.6.24
Vulnerability  : privilege escalation/denial of service/sensitive memory leak
Problem type   : local/remote
Debian-specific: no
CVE Id(s)      : CVE-2009-2691 CVE-2009-2695 CVE-2009-3080 CVE-2009-3726
                 CVE-2009-3889 CVE-2009-4005 CVE-2009-4020 CVE-2009-4021
                 CVE-2009-4138 CVE-2009-4308 CVE-2009-4536 CVE-2009-4538

[ MDVSA-2010:055 ] poppler

 _______________________________________________________________________

 Problem Description:

 An out-of-bounds reading flaw in the JBIG2 decoder allows remote
 attackers to cause a denial of service (crash) via a crafted PDF file
 (CVE-2009-0799).
 
 Multiple input validation flaws in the JBIG2 decoder allow
 remote attackers to execute arbitrary code via a crafted PDF file
 (CVE-2009-0800).

[ MDVSA-2009:282-1 ] cups

 Problem Description:

 Multiple integer overflows in the JBIG2 decoder in
 Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and
 other products allow remote attackers to cause a denial
 of service (crash) via a crafted PDF file, related to (1)
 JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg,
 and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0146, CVE-2009-0147)
 
 Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and
 earlier allows remote attackers to cause a denial of service (daemon

[SECURITY] [DSA 1903-1] New graphicsmagick packages fix several vulnerabilities

CVE-2007-1667

  Multiple integer overflows in XInitImage function in xwd.c for
  GraphicsMagick, allow user-assisted remote attackers to cause a
  denial of service (crash) or obtain sensitive information via
  crafted images with large or negative values that trigger a
  buffer overflow. It only affects the oldstable distribution (etch).

CVE-2007-1797


[ MDVSA-2009:282 ] cups

 Problem Description:

 Multiple integer overflows in the JBIG2 decoder in
 Xpdf 3.02pl2 and earlier, CUPS 1.3.9 and earlier, and
 other products allow remote attackers to cause a denial
 of service (crash) via a crafted PDF file, related to (1)
 JBIG2Stream::readSymbolDictSeg, (2) JBIG2Stream::readSymbolDictSeg,
 and (3) JBIG2Stream::readGenericBitmap. (CVE-2009-0146, CVE-2009-0147)
 
 Integer overflow in the TIFF image decoding routines in CUPS 1.3.9 and
 earlier allows remote attackers to cause a denial of service (daemon

[SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities

http://www.debian.org/security/                           dann frazier
May 6, 2009                         http://www.debian.org/security/faq
----------------------------------------------------------------------

Package        : linux-2.6
Vulnerability  : denial of service/privilege escalation/information leak
Problem type   : local/remote
Debian-specific: no
CVE Id(s)      : CVE-2008-4307 CVE-2008-5395 CVE-2008-5701 CVE-2008-5702
                 CVE-2008-5713 CVE-2009-0028 CVE-2009-0029 CVE-2009-0031
                 CVE-2009-0065 CVE-2009-0322 CVE-2009-0675 CVE-2009-0676

[SECURITY] [DSA 1749-1] New Linux 2.6.26 packages fix several vulnerabilities

http://www.debian.org/security/                           dann frazier
March 20, 2009                      http://www.debian.org/security/faq
----------------------------------------------------------------------

Package        : linux-2.6
Vulnerability  : denial of service/privilege escalation/sensitive memory leak
Problem type   : local/remote
Debian-specific: no
CVE Id(s)      : CVE-2009-0029 CVE-2009-0031 CVE-2009-0065 CVE-2009-0269
                 CVE-2009-0322 CVE-2009-0676 CVE-2009-0675 CVE-2009-0745
                 CVE-2009-0746 CVE-2009-0747 CVE-2009-0748

[ELEYTT] 4SIERPIEN2007

Vulnerability Table
===================

1. Windows Calendar (Vista) ICS File Denial of Service Vulnerability
2. Toolbar vulnerabilities:
   a) Toolbar Gaming IE Toolbar Denial of Service Vulnerability

[ MDVSA-2011:012 ] mysql

 Problem Description:

 Multiple vulnerabilities have been found and corrected in mysql:
 
 storage/innobase/dict/dict0crea.c in mysqld in MySQL 5.1 before
 5.1.49 allows remote authenticated users to cause a denial of service
 (assertion failure) by modifying the (1) innodb_file_format or (2)
 innodb_file_per_table configuration parameters for the InnoDB storage
 engine, then executing a DDL statement (CVE-2010-3676).
 
 MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote

[USN-1085-1] tiff vulnerabilities

Details follow:

Sauli Pahlman discovered that the TIFF library incorrectly handled invalid
td_stripbytecount fields. If a user or automated system were tricked into
opening a specially crafted TIFF image, a remote attacker could crash the
application, leading to a denial of service. This issue only affected
Ubuntu 10.04 LTS and 10.10. (CVE-2010-2482)

Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF
files with an invalid combination of SamplesPerPixel and Photometric
values. If a user or automated system were tricked into opening a specially

[SECURITY] [DSA 2188-1] webkit security update

CVE-2010-1783

  WebKit does not properly handle dynamic modification of a
  text node, which allows remote attackers to execute arbitrary code or cause
  a denial of service (memory corruption and application crash) via a
  crafted HTML document.


CVE-2010-2901


[USN-1085-2] tiff regression

Original advisory details:

 Sauli Pahlman discovered that the TIFF library incorrectly handled invalid
 td_stripbytecount fields. If a user or automated system were tricked into
 opening a specially crafted TIFF image, a remote attacker could crash the
 application, leading to a denial of service. This issue only affected
 Ubuntu 10.04 LTS and 10.10. (CVE-2010-2482)
 
 Sauli Pahlman discovered that the TIFF library incorrectly handled TIFF
 files with an invalid combination of SamplesPerPixel and Photometric
 values. If a user or automated system were tricked into opening a specially

[ MDVSA-2011:088 ] mplayer

 Multiple vulnerabilities have been identified and fixed in mplayer:
 
 oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain
 pointer arithmetic, which might allow remote attackers to obtain
 sensitive memory contents and cause a denial of service via a crafted
 file that triggers an out-of-bounds read. (CVE-2009-4632)
 
 vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a
 comparison operator was intended, which might allow remote attackers
 to cause a denial of service and possibly execute arbitrary code via

[ MDVSA-2011:112 ] blender

 Multiple vulnerabilities have been identified and fixed in blender:
 
 oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain
 pointer arithmetic, which might allow remote attackers to obtain
 sensitive memory contents and cause a denial of service via a crafted
 file that triggers an out-of-bounds read. (CVE-2009-4632)
 
 vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a
 comparison operator was intended, which might allow remote attackers
 to cause a denial of service and possibly execute arbitrary code via

[ MDVSA-2011:175 ] poppler

 Multiple security vulnerabilities have been discovered and corrected
 in poppler:
 
 An out-of-bounds reading flaw in the JBIG2 decoder allows remote
 attackers to cause a denial of service (crash) via a crafted PDF file
 (CVE-2009-0799).
 
 Multiple input validation flaws in the JBIG2 decoder allow
 remote attackers to execute arbitrary code via a crafted PDF file
 (CVE-2009-0800).

[SECURITY] [DSA 1503-2] New Linux kernel 2.4.27 packages fix several issues

                 CVE-2007-1592 CVE-2007-2172 CVE-2007-2525 CVE-2007-3848
                 CVE-2007-4308 CVE-2007-4311 CVE-2007-5093 CVE-2007-6063
                 CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007
                 
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. 

The package versions referenced in the initial DSA-1503 advisory
introduced a regression that can cause hangs on systems that make use of
the ext2 filesystem. The regression has been resolved in the package

Xerox WorkCentre multiple models Denial of Service

          Louhi Networks Information Security Research
                       Security Advisory


     Advisory: Xerox WorkCentre multiple models Denial of Service
 Release Date: 2009/08/25
Last Modified: 2009/08/25
      Authors: Juho Ranta
               [juho.ranta@louhi.fi]
               Henri Lindberg, CISA

Re: Assurent VR - Oracle BEA WebLogic Server Apache Connector Buffer Overflow

: 
: A remotely exploitable vulnerability has been discovered in the Apache 
: Connector component of Oracle BEA WebLogic Server. Specifically, the 
: vulnerability is due to a boundary error when processing incoming HTTP 
: requests and can lead to a buffer overflow condition. This boundary 
: error can lead to a Denial of Service (DoS) condition for the Apache 
: HTTP server.
: 
: 3. Vulnerability Analysis
: 
: A remote unauthenticated attacker can exploit the vulnerability by 

[SECURITY] [DSA 1503-1] New Linux kernel 2.4.27 packages fix several issues

                 CVE-2007-1592 CVE-2007-2172 CVE-2007-2525 CVE-2007-3848
                 CVE-2007-4308 CVE-2007-4311 CVE-2007-5093 CVE-2007-6063
                 CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007
                 
Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2004-2731


[SECURITY] [DSA 1504-1] New Linux kernel 2.6.8 packages fix several issues

                 CVE-2007-3739 CVE-2007-3740 CVE-2007-3848 CVE-2007-4133
                 CVE-2007-4308 CVE-2007-4573 CVE-2007-5093 CVE-2007-6063
                 CVE-2007-6151 CVE-2007-6206 CVE-2007-6694 CVE-2008-0007

Several local and remote vulnerabilities have been discovered in the Linux
kernel that may lead to a denial of service or the execution of arbitrary
code. The Common Vulnerabilities and Exposures project identifies the
following problems:

CVE-2006-5823


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.