Vulnerabilities (CVE)

Filtered by CWE-400
Total 1614 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-1377 4 Adobe, Mozilla, Netscape and 1 more 4 Acrobat Reader, Firefox, Navigator and 1 more 2024-02-28 5.0 MEDIUM N/A
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236.
CVE-2007-4725 1 7-zip 1 7-zip 2024-02-28 6.8 MEDIUM N/A
Stack consumption vulnerability in AkkyWareHOUSE 7-zip32.dll before 4.42.00.04, as derived from Igor Pavlov 7-Zip before 4.53 beta, allows user-assisted remote attackers to execute arbitrary code via a long filename in an archive, leading to a heap-based buffer overflow.
CVE-2008-0132 1 Pragmasys 1 Fortress Ssh 2024-02-28 5.0 MEDIUM N/A
Pragma FortressSSH 5.0 Build 4 Revision 293 and earlier handles long input to sshd.exe by creating an error-message window and waiting for the administrator to click in this window before terminating the sshd.exe process, which allows remote attackers to cause a denial of service (connection slot exhaustion) via a flood of SSH connections with long data objects, as demonstrated by (1) a long list of keys and (2) a long username.
CVE-2007-2650 2 Clamav, Debian 2 Clamav, Debian Linux 2024-02-28 4.3 MEDIUM N/A
The OLE2 parser in Clam AntiVirus (ClamAV) allows remote attackers to cause a denial of service (resource consumption) via an OLE2 file with (1) a large property size or (2) a loop in the FAT file block chain that triggers an infinite loop, as demonstrated via a crafted DOC file.
CVE-2006-1364 1 Microsoft 1 Asp.net 2024-02-28 7.8 HIGH 7.5 HIGH
Microsoft w3wp (aka w3wp.exe) does not properly handle when the AspCompat directive is not used when referencing COM components in ASP.NET, which allows remote attackers to cause a denial of service (resource consumption or crash) by repeatedly requesting each of several documents that refer to COM components, or are restricted documents located under the ASP.NET application path.
CVE-2005-2309 1 Opera 1 Opera Browser 2024-02-28 5.0 MEDIUM N/A
Opera 8.01 allows remote attackers to cause a denial of service (CPU consumption) via a crafted JPEG image, as demonstrated using random.jpg.
CVE-2005-0738 1 Microsoft 1 Exchange Server 2024-02-28 5.0 MEDIUM N/A
Stack consumption vulnerability in Microsoft Exchange Server 2003 SP1 allows users to cause a denial of service (hang) by deleting or moving a folder with deeply nested subfolders, which causes Microsoft Exchange Information Store service (Store.exe) to hang as a result of a large number of recursive calls.
CVE-2005-1260 4 Apple, Bzip, Canonical and 1 more 4 Mac Os X, Bzip2, Ubuntu Linux and 1 more 2024-02-28 5.0 MEDIUM N/A
bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a "decompression bomb").
CVE-2004-1201 1 Opera 1 Opera Browser 2024-02-28 5.0 MEDIUM N/A
Opera 7.54 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.
CVE-2002-1873 1 Microsoft 1 Exchange Server 2024-02-28 5.0 MEDIUM N/A
Microsoft Exchange 2000, when used with Microsoft Remote Procedure Call (MSRPC), allows remote attackers to cause a denial of service (crash or memory consumption) via malformed MSRPC calls.
CVE-2002-0368 1 Microsoft 1 Exchange Server 2024-02-28 5.0 MEDIUM N/A
The Store Service in Microsoft Exchange 2000 allows remote attackers to cause a denial of service (CPU consumption) via a mail message with a malformed RFC message attribute, aka "Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources."
CVE-2002-1876 1 Microsoft 1 Exchange Server 2024-02-28 2.1 LOW N/A
Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a large number of rapid requests, which consumes all of the licenses that are granted to Exchange by IIS.
CVE-2001-0666 1 Microsoft 1 Exchange Server 2024-02-28 2.1 LOW N/A
Outlook Web Access (OWA) in Microsoft Exchange 2000 allows an authenticated user to cause a denial of service (CPU consumption) via a malformed OWA request for a deeply nested folder within the user's mailbox.
CVE-2003-0714 1 Microsoft 1 Exchange Server 2024-02-28 7.5 HIGH N/A
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000.