Searching stream software vulnerabilities

Linux gpm program allows local users to cause a

/dev/gpmctl | flooding | program | sockets | service | denial | STREAM | allows | device | local | Linux | cause | users | gpm |

Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device with STREAM sockets.


Windows 2000 Server allows remote attackers to

Windows |

Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization.


Watchguard Firebox II prior to 4.6 allows a rem

Watchguard | attacker | service | Firebox | denial | stream | kernel | allows | remote | create | large | prior | via |

Watchguard Firebox II prior to 4.6 allows a remote attacker to create a denial of service in the kernel via a large stream (>10,000) of malformed ICMP or TCP packets.


The RC4 stream cipher as used by SSH1 allows re

redundancy | attackers | message's | detection | messages | original | without | cyclic | XORing | stream | cipher | allows | modify | remote | check | SSH1 | used | RC4 |

The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.


Buffer overflow in the progressive reader for l

progressive | overflow | libpng | before | Buffer | reader | 12x |

Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk.


The web server for Cisco IP Phone (VoIP) models

server | Phone | Cisco | web |

The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script.


Integer overflow in the TCP stream reassembly m

reassembly | overflow | Integer | stream | module | TCP |

Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.


Buffer overflow in the get_header function in a

asf_mmst_streamingc | get_header | attackers | arbitrary | overflow | function | execute | MPlayer | crafted | stream | 10pre5 | Buffer | remote | allows | video | code | via | ASF |

Buffer overflow in the get_header function in asf_mmst_streaming.c for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a crafted ASF video stream.


Stack-based buffer overflow in the asf_mmst_str

asf_mmst_streamingc | functionality | Stack-based | arbitrary | attackers | overflow | execute | MPlayer | packet | stream | buffer | 10pre5 | allows | remote | large | code | MMST | via |

Stack-based buffer overflow in the asf_mmst_streaming.c functionality for MPlayer 1.0pre5 allows remote attackers to execute arbitrary code via a large MMST stream packet.


Vypress Tonecast 1.3 and earlier allows remote

attackers | Tonecast | service | Vypress | earlier | denial | allows | remote | cause |

Vypress Tonecast 1.3 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed mp2 stream.


The DNSPacket::expand method in dnspacket.cc in


The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to cause a denial of service by sending a random stream of bytes.


The php_next_marker function in image.c for PHP

php_next_marker | function | imagec | PHP |

The php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek.


Xpdf, as used in products such as gpdf, kpdf, p

libextractor | attackers | pdftohtml | products | poppler | service | others | allows | denial | cause | teTeX | such | used | Xpdf | CUPS | kpdf | gpdf |

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.


Ingate Firewall before 4.3.4 and SIParator befo

Firewall | before | Ingate |

Ingate Firewall before 4.3.4 and SIParator before 4.3.4 allows remote attackers to cause a denial of service (kernel deadlock) by sending a SYN packet for a TCP stream, which requires an RST packet in response.


Buffer overflow in xine_list_delete_current in

xine_list_delete_current | overflow | libxine | Buffer |

Buffer overflow in xine_list_delete_current in libxine 1.14 and earlier, as distributed in xine-lib 1.1.1 and earlier, allows remote attackers to execute arbitrary code via a crafted MPEG stream.


The ext3fs_dirhash function in Linux kernel 2.6

ext3fs_dirhash | function | service | allows | denial | kernel | cause | Linux | local | users | 26x |

The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures.


Buffer overflow in the php_stream_filter_create

php_stream_filter_create | function | overflow | before | Buffer | PHP |

Buffer overflow in the php_stream_filter_create function in PHP 5 before 5.2.1 allows remote attackers to cause a denial of service (application crash) via a php://filter/ URL that has a name ending in the '.' character.


The Java Message Service (JMS) in IBM WebSphere

Service | Message | Java |

The Java Message Service (JMS) in IBM WebSphere Application Server (WAS) before 6.1.0.7 allows attackers to cause a denial of service via unknown vectors involving the "double release [of] a bytebuffer input stream," possibly a double-free vulnerability.


Incomplete blacklist vulnerability in the filem

vulnerability | filemanager | Incomplete | FCKeditor | Frederico | blacklist | Caldeira | Knabben |

Incomplete blacklist vulnerability in the filemanager in Frederico Caldeira Knabben FCKeditor 2.4.2 allows remote attackers to upload arbitrary .php files via an alternate data stream syntax, as demonstrated by .php::$DATA filenames, a related issue to CVE-2006-0658.


Buffer overflow in the vorbis_stream_info funct

input/vorbis/vorbis_enginec | vorbis_stream_info | function | overflow | Buffer |

Buffer overflow in the vorbis_stream_info function in input/vorbis/vorbis_engine.c (aka the vorbis input plugin) in AlsaPlayer before 0.99.80-rc3 allows remote attackers to execute arbitrary code via a .OGG file with long comments.


Software vulnerabilities results 1 to 20 of 46     
Page: 123