Total
1222 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-2914 | 1 Konstanty Bialkowski | 1 Libmodplug | 2024-11-21 | 6.8 MEDIUM | N/A |
Off-by-one error in the CSoundFile::ReadDSM function in src/load_dms.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted DSM file with a large number of samples. | |||||
CVE-2011-2913 | 1 Konstanty Bialkowski | 1 Libmodplug | 2024-11-21 | 6.8 MEDIUM | N/A |
Off-by-one error in the CSoundFile::ReadAMS function in src/load_ams.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service (stack memory corruption) and possibly execute arbitrary code via a crafted AMS file with a large number of samples. | |||||
CVE-2011-2911 | 1 Konstanty Bialkowski | 1 Libmodplug | 2024-11-21 | 6.8 MEDIUM | N/A |
Integer overflow in the CSoundFile::ReadWav function in src/load_wav.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted WAV file, which triggers a heap-based buffer overflow. | |||||
CVE-2011-2721 | 1 Clamav | 1 Clamav | 2024-11-21 | 5.0 MEDIUM | N/A |
Off-by-one error in the cli_hm_scan function in matcher-hash.c in libclamav in ClamAV before 0.97.2 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message that is not properly handled during certain hash calculations. | |||||
CVE-2011-2698 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 4.3 MEDIUM | N/A |
Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet. | |||||
CVE-2011-2662 | 1 Novell | 1 Groupwise | 2024-11-21 | 10.0 HIGH | N/A |
Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message. | |||||
CVE-2011-2593 | 1 Citrix | 1 Access Gateway Plug-in | 2024-11-21 | 6.8 MEDIUM | N/A |
Integer overflow in the StartEpa method in the nsepacom ActiveX control (nsepa.exe) in Citrix Access Gateway Enterprise Edition Plug-in for Windows 9.x before 9.3-57.5 and 10.0 before 10.0-69.4 allows remote attackers to execute arbitrary code via a crafted Content-Length HTTP header, which triggers a heap-based buffer overflow. | |||||
CVE-2011-2521 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
The x86_assign_hw_event function in arch/x86/kernel/cpu/perf_event.c in the Performance Events subsystem in the Linux kernel before 2.6.39 does not properly calculate counter values, which allows local users to cause a denial of service (panic) via the perf program. | |||||
CVE-2011-2516 | 2 Apache, Shibboleth | 2 Xml Security For C\+\+, Shibboleth-sp | 2024-11-21 | 5.0 MEDIUM | N/A |
Off-by-one error in the XML signature feature in Apache XML Security for C++ 1.6.0, as used in Shibboleth before 2.4.3 and possibly other products, allows remote attackers to cause a denial of service (crash) via a signature using a large RSA key, which triggers a buffer overflow. | |||||
CVE-2011-2511 | 1 Redhat | 1 Libvirt | 2024-11-21 | 4.0 MEDIUM | N/A |
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption. | |||||
CVE-2011-2496 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.9 MEDIUM | N/A |
Integer overflow in the vma_to_resize function in mm/mremap.c in the Linux kernel before 2.6.39 allows local users to cause a denial of service (BUG_ON and system crash) via a crafted mremap system call that expands a memory mapping. | |||||
CVE-2011-2489 | 1 Nrl | 1 Opie | 2024-11-21 | 7.2 HIGH | N/A |
Multiple off-by-one errors in opiesu.c in opiesu in OPIE 2.4.1-test1 and earlier might allow local users to gain privileges via a crafted command line. | |||||
CVE-2011-2416 | 6 Adobe, Apple, Google and 3 more | 7 Adobe Air, Flash Player, Mac Os X and 4 more | 2024-11-21 | 10.0 HIGH | N/A |
Integer overflow in Adobe Flash Player before 10.3.183.5 on Windows, Mac OS X, Linux, and Solaris and before 10.3.186.3 on Android, and Adobe AIR before 2.7.1 on Windows and Mac OS X and before 2.7.1.1961 on Android, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2136 and CVE-2011-2138. | |||||
CVE-2011-2371 | 1 Mozilla | 3 Firefox, Seamonkey, Thunderbird | 2024-11-21 | 10.0 HIGH | N/A |
Integer overflow in the Array.reduceRight method in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to execute arbitrary code via vectors involving a long JavaScript Array object. | |||||
CVE-2011-2331 | 1 Hp | 1 Intelligent Management Center | 2024-11-21 | 10.0 HIGH | N/A |
Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer overflow, possibly related to an "recv" field. | |||||
CVE-2011-2209 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 2.1 LOW | N/A |
Integer signedness error in the osf_sysinfo function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call. | |||||
CVE-2011-2208 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 2.1 LOW | N/A |
Integer signedness error in the osf_getdomainname function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform allows local users to obtain sensitive information from kernel memory via a crafted call. | |||||
CVE-2011-2194 | 1 Videolan | 1 Vlc Media Player | 2024-11-21 | 9.3 HIGH | N/A |
Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. | |||||
CVE-2011-2175 | 1 Wireshark | 1 Wireshark | 2024-11-21 | 4.3 MEDIUM | N/A |
Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. | |||||
CVE-2011-2168 | 1 Openbsd | 1 Openbsd | 2024-11-21 | 5.0 MEDIUM | N/A |
Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APPEND and GLOB_DOOFFS flags, a different issue than CVE-2011-0418. |