Total
1222 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-0194 | 1 Apple | 3 Imageio, Mac Os X, Mac Os X Server | 2024-11-21 | 6.8 MEDIUM | N/A |
| Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding. | |||||
| CVE-2011-0188 | 2 Apple, Ruby-lang | 3 Mac Os X, Mac Os X Server, Ruby | 2024-11-21 | 6.8 MEDIUM | N/A |
| The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an "integer truncation issue." | |||||
| CVE-2011-0183 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | 5.0 MEDIUM | N/A |
| Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an NFS RPC packet, which allows remote attackers to cause a denial of service (lockd, statd, mountd, or portmap outage) via a crafted packet, related to an "integer truncation issue." | |||||
| CVE-2011-0181 | 1 Apple | 3 Imageio, Mac Os X, Mac Os X Server | 2024-11-21 | 6.8 MEDIUM | N/A |
| Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image. | |||||
| CVE-2011-0180 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | 2.1 LOW | N/A |
| Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local users to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files via a crafted F_READBOOTSTRAP ioctl call. | |||||
| CVE-2011-0172 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-11-21 | 4.9 MEDIUM | N/A |
| AirPort in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to cause a denial of service (divide-by-zero error and reboot) via Wi-Fi frames on the local wireless network, a different vulnerability than CVE-2011-0162. | |||||
| CVE-2011-0098 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2024-11-21 | 9.3 HIGH | N/A |
| Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via an XLS file with a large record size, aka "Excel Heap Overflow Vulnerability." | |||||
| CVE-2011-0097 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2024-11-21 | 9.3 HIGH | N/A |
| Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via a crafted 400h substream in an Excel file, which triggers a stack-based buffer overflow, aka "Excel Integer Overrun Vulnerability." | |||||
| CVE-2011-0041 | 1 Microsoft | 6 Office, Windows 2003 Server, Windows Server 2003 and 3 more | 2024-11-21 | 9.3 HIGH | N/A |
| Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image, aka "GDI+ Integer Overflow Vulnerability." | |||||
| CVE-2011-0026 | 1 Microsoft | 8 Data Access Components, Windows 2003 Server, Windows 7 and 5 more | 2024-11-21 | 9.3 HIGH | N/A |
| Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name (DSN) and a crafted szDSN argument, which bypasses a signed comparison and leads to a buffer overflow, aka "DSN Overflow Vulnerability." | |||||
| CVE-2010-5279 | 1 Vwar | 1 Virtual War | 2024-11-21 | 5.0 MEDIUM | N/A |
| article.php in Virtual War (aka VWar) 1.6.1 R2 allows remote attackers to cause a denial of service (memory consumption) via a large integer in the ratearticleselect parameter. | |||||
| CVE-2010-5139 | 1 Bitcoin | 2 Bitcoin Core, Wxbitcoin | 2024-11-21 | 7.5 HIGH | N/A |
| Integer overflow in wxBitcoin and bitcoind before 0.3.11 allows remote attackers to bypass intended economic restrictions and create many bitcoins via a crafted Bitcoin transaction. | |||||
| CVE-2010-5109 | 2 Fedoraproject, Randall Hand | 2 Fedora, Yerase\'s Tnef Stream Reader | 2024-11-21 | 4.3 MEDIUM | N/A |
| Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow. | |||||
| CVE-2010-5075 | 1 Avast\! | 1 Avast\! Internet Security | 2024-11-21 | 2.1 LOW | N/A |
| Integer overflow in aswFW.sys 5.0.594.0 in Avast! Internet Security 5.0 Korean Trial allows local users to cause a denial of service (memory corruption and panic) via a crafted IOCTL_ASWFW_COMM_PIDINFO_RESULTS DeviceIoControl request to \\.\aswFW. | |||||
| CVE-2010-4713 | 1 Novell | 1 Groupwise | 2024-11-21 | 10.0 HIGH | N/A |
| Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header. | |||||
| CVE-2010-4705 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 9.3 HIGH | N/A |
| Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to the sizes of certain integer data types. NOTE: this might overlap CVE-2011-0480. | |||||
| CVE-2010-4699 | 1 Php | 1 Php | 2024-11-21 | 5.0 MEDIUM | N/A |
| The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly handle encodings that are unrecognized by the iconv and mbstring (aka Multibyte String) implementations, which allows remote attackers to trigger an incomplete output array, and possibly bypass spam detection or have unspecified other impact, via a crafted Subject header in an e-mail message, as demonstrated by the ks_c_5601-1987 character set. | |||||
| CVE-2010-4665 | 1 Libtiff | 1 Libtiff | 2024-11-21 | 4.3 MEDIUM | N/A |
| Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries. | |||||
| CVE-2010-4645 | 1 Php | 1 Php | 2024-11-21 | 5.0 MEDIUM | N/A |
| strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers, as demonstrated using 2.2250738585072011e-308. | |||||
| CVE-2010-4530 | 1 Muscle | 1 Pcsc-lite | 2024-11-21 | 4.4 MEDIUM | N/A |
| Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow. | |||||