midl user allocate software vulnerabilities
vulnerabilities.aspcode.net
Searching midl user allocate software vulnerabilities
Operating systems with shared memory implementa
implementations
|
Operating
|
conduct
|
systems
|
service
|
bypass
|
limits
|
shared
|
memory
|
denial
|
based
|
allow
|
code
|
user
|
BSD
|
Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using mmap or shmget to allocate memory and cause page faults.
NetZero 3.0 and earlier uses weak encryption fo
information
|
encryption
|
password
|
storing
|
NetZero
|
decrypt
|
earlier
|
allows
|
user's
|
local
|
login
|
which
|
uses
|
weak
|
user
|
NetZero 3.0 and earlier uses weak encryption for storing a user's login information, which allows a local user to decrypt the password.
One-Time Passwords In Everything (a.k.a OPIE) 2
Everything
|
Passwords
|
One-Time
|
One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist.
The ASN.1 parser in Ethereal 0.9.2 and earlier
Ethereal
|
parser
|
ASN1
|
The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.
Multiple buffer overflows in Cyrus SASL library
overflows
|
Multiple
|
library
|
buffer
|
Cyrus
|
SASL
|
Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string.
user_profile.asp in PortalApp 2.2 allows local
user_profileasp
|
privileges
|
modifying
|
PortalApp
|
variable
|
user_id
|
allows
|
local
|
users
|
gain
|
user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id variable.
A memory leak in Apache 2.0 through 2.0.44 allo
through
|
Apache
|
memory
|
leak
|
A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
CiscoWorks Common Management Foundation (CMF) 2
Management
|
Foundation
|
CiscoWorks
|
Common
|
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages.
saned in sane-backends 1.0.7 and earlier, and p
sane-backends
|
saned
|
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption).
Fetchmail 6.2.4 and earlier does not properly a
Fetchmail
|
Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email.
Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME
SCTP_SOCKOPT_DEBUG_NAME
|
overflow
|
socketc
|
Integer
|
kernel
|
option
|
socket
|
Linux
|
SCTP
|
Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which causes kmalloc to allocate 0 bytes of memory.
Gaim before 0.82 allows remote servers to cause
before
|
Gaim
|
Gaim before 0.82 allows remote servers to cause a denial of service (application crash) via a long HTTP Content-Length header, which causes Gaim to abort when attempting to allocate memory.
Unspecified vulnerability in the Change Data Ca
vulnerability
|
Unspecified
|
component
|
Database
|
Capture
|
Change
|
server
|
Oracle
|
Data
|
Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB02. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the CDC_ALLOCATE_LOCK function of the DBMS_CDC_UTILITY package.
flex.skl in Will Estes and John Millaway Fast L
Generator
|
Millaway
|
Analyzer
|
Lexical
|
flexskl
|
Estes
|
John
|
Fast
|
flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator (flex) before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependent attackers to execute arbitrary code.
Unspecified vulnerability in the pagedata subsy
vulnerability
|
Unspecified
|
subsystem
|
pagedata
|
process
|
system
|
file
|
Unspecified vulnerability in the pagedata subsystem of the process file system (/proc) in Solaris 8 through 10 allows local users to cause a denial of service (system hang or panic) via unknown attack vectors that cause cause the kmem_oversize arena to allocate a large amount of system memory that does not get freed.
Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows
Apple
|
Mail
|
Mac
|
Mail in Apple Mac OS X 10.3.9 and 10.4.6 allows remote attackers to execute arbitrary code via an enriched text e-mail message with "invalid color information" that causes Mail to allocate and initialize arbitrary classes.
The decode_stringmap function in server_transpo
server_transportcpp
|
decode_stringmap
|
function
|
UFO2000
|
svn
|
The decode_stringmap function in server_transport.cpp for UFO2000 svn 1057 allows remote attackers to cause a denial of service (daemon termination) via a large keysize or valsize, which causes a crash when the resize function cannot allocate sufficient memory.
Heap-based buffer overflow in the ole_info_read
ole_info_read_metabat
|
Structured
|
Heap-based
|
function
|
overflow
|
library
|
buffer
|
Gnome
|
File
|
Heap-based buffer overflow in the ole_info_read_metabat function in Gnome Structured File library (libgsf) 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large num_metabat value in an OLE document, which causes the ole_init_info function to allocate insufficient memory.
wp-admin/user-edit.php in WordPress before 2.0.
wp-admin/user-editphp
|
WordPress
|
before
|
wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter.
Integer overflow in ALLOCATE_LOCAL in the ProcX
ProcXCMiscGetXIDList
|
ALLOCATE_LOCAL
|
extension
|
function
|
overflow
|
Integer
|
XC-MISC
|
server
|
XOrg
|
X11
|
Integer overflow in ALLOCATE_LOCAL in the ProcXCMiscGetXIDList function in the XC-MISC extension in the X.Org X11 server (xserver) 7.1-1.1.0, and other versions before Tuesday, April 03, 2007, allows remote authenticated users to execute arbitrary code via a large expression, which results in memory corruption.
Software vulnerabilities results 1 to 20 of 1896
Page:
1
2
3
4
5
...
95
►