Total
1230 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-5746 | 1 Openoffice | 1 Openoffice.org | 2017-09-29 | 6.8 MEDIUM | N/A |
| Integer overflow in OpenOffice.org before 2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an EMF file with a crafted EMR_STRETCHBLT record, which triggers a heap-based buffer overflow. | |||||
| CVE-2007-5467 | 1 Extremail | 1 Extremail | 2017-09-29 | 10.0 HIGH | N/A |
| Integer overflow in eXtremail 2.1.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long USER command containing "%s" sequences to the pop3 port (110/tcp), which are expanded to "%%s" before being used in the memmove function, possibly due to an incomplete fix for CVE-2001-1078. | |||||
| CVE-2007-4619 | 2 Flac, Nullsoft | 2 Libflac, Winamp | 2017-09-29 | 9.3 HIGH | N/A |
| Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory allocation, resulting in a heap-based buffer overflow. | |||||
| CVE-2007-3996 | 1 Php | 1 Php | 2017-09-29 | 6.8 MEDIUM | N/A |
| Multiple integer overflows in libgd in PHP before 5.2.4 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large (1) srcW or (2) srcH value to the (a) gdImageCopyResized function, or a large (3) sy (height) or (4) sx (width) value to the (b) gdImageCreate or the (c) gdImageCreateTrueColor function. | |||||
| CVE-2015-3829 | 1 Google | 1 Android | 2017-09-21 | 10.0 HIGH | N/A |
| Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted MPEG-4 covr atoms with a size equal to SIZE_MAX, aka internal bug 20923261. | |||||
| CVE-2015-3828 | 1 Google | 1 Android | 2017-09-21 | 10.0 HIGH | N/A |
| The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted 3GPP metadata, aka internal bug 20923261, a related issue to CVE-2015-3826. | |||||
| CVE-2015-3827 | 1 Google | 1 Android | 2017-09-21 | 9.3 HIGH | N/A |
| The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted MPEG-4 covr atoms, aka internal bug 20923261. | |||||
| CVE-2015-3826 | 1 Google | 1 Android | 2017-09-21 | 5.0 MEDIUM | N/A |
| The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to cause a denial of service (integer underflow, buffer over-read, and mediaserver process crash) via crafted 3GPP metadata, aka internal bug 20923261, a related issue to CVE-2015-3828. | |||||
| CVE-2015-1539 | 1 Google | 1 Android | 2017-09-21 | 10.0 HIGH | N/A |
| Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atoms, aka internal bug 20139950, a related issue to CVE-2015-4493. | |||||
| CVE-2015-1538 | 1 Google | 1 Android | 2017-09-21 | 10.0 HIGH | N/A |
| Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted atoms in MP4 data that trigger an unchecked multiplication, aka internal bug 20139950, a related issue to CVE-2015-4496. | |||||
| CVE-2013-4935 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 4.3 MEDIUM | N/A |
| The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-4929 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 7.8 HIGH | N/A |
| The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet. | |||||
| CVE-2013-4928 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 7.8 HIGH | N/A |
| Integer signedness error in the dissect_headers function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | |||||
| CVE-2013-4927 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 7.8 HIGH | N/A |
| Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet. | |||||
| CVE-2013-4925 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted packet. | |||||
| CVE-2013-4921 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | |||||
| CVE-2013-3358 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-09-19 | 10.0 HIGH | N/A |
| Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3357. | |||||
| CVE-2013-3357 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2017-09-19 | 10.0 HIGH | N/A |
| Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3358. | |||||
| CVE-2013-2729 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2017-09-19 | 10.0 HIGH | N/A |
| Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727. | |||||
| CVE-2013-2727 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2017-09-19 | 10.0 HIGH | N/A |
| Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2729. | |||||