| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a negative value in a region offset of a package header, which is not properly handled in a numeric range comparison. |
| Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.7 before 10.7.2 allows remote attackers to execute arbitrary code via a crafted embedded Type 1 font in a document. |
| Integer signedness error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to cause a denial of service via a crafted packet that triggers a heap-based buffer overflow. |
| Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc. |
| epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length field. |
| Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 through 1.3.7, when the configuration sets httpMaxContentLength to a zero value, allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header, aka bug #3001915. NOTE: some of these details are obtained from third party information. |
| Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow. |
| Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome before 4.0.249.89, allow remote attackers to execute arbitrary code in the Chrome sandbox via crafted use of JavaScript arrays. |
| Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value. |
| Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. |
| Integer overflow in X.org libXfixes 5.0 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the XFixesGetCursorImage function. |
| Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions. |
| Multiple integer overflows in X.org libXvMC 1.0.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XvMCListSurfaceTypes and (2) XvMCListSubpictureTypes functions. |
| Integer overflow in X.org libXcursor 1.1.13 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the _XcursorFileHeaderCreate function. |
| Multiple integer overflows in X.org libXp 1.0.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XpGetAttributes, (2) XpGetOneAttribute, (3) XpGetPrinterList, and (4) XpQueryScreens functions. |
| Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function. |
| Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Integer Underflow Causes Heap Corruption Vulnerability." |
| Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2729. |
| Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted polygons in a PowerPoint document that triggers a heap-based buffer overflow. |
| Multiple integer signedness errors in libavcodec/dsputil.c in FFmpeg before 2.1 allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted data. |
