| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the XvQueryPortAttributes function. |
| Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value. |
| Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value. |
| WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
| WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
| WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
| Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name. |
| WebKit, as used in Apple iTunes before 10.2 on Windows, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than other CVEs listed in APPLE-SA-2011-03-02-1. |
| Heap-based buffer overflow in ImageIO in CoreGraphics in Apple iTunes before 10.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted International Color Consortium (ICC) profile in a JPEG image. |
| net/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not properly determine the need for UDP Fragmentation Offload (UFO) processing of small packets after the UFO queueing of a large packet, which allows remote attackers to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via network traffic that triggers a large response packet. |
| Multiple stack-based buffer overflows in Apple QuickTime before 7.7 on Windows allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted H.264 movie. |
| WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
| WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1. |
| Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a malformed BROWSER ELECTION message, leading to a heap-based buffer overflow, aka "Browser Pool Corruption Vulnerability." NOTE: some of these details are obtained from third party information. |
| The serializing/deserializing functions in the qpid::framing::Buffer class in Apache Qpid 0.20 and earlier allow remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. NOTE: this issue could also trigger an out-of-bounds read, but it might not trigger a crash. |
| Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP response header for a proxy.pac file request, a different vulnerability than CVE-2012-4504. |
| Buffer overflow in pgpwded.sys in Symantec PGP Desktop 10.x and Encryption Desktop 10.3.0 before MP1 on Windows XP and Server 2003 allows local users to gain privileges via a crafted application. |
| mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file. |
| WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-07-25-1. |
| Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors. |
