Searching structures software vulnerabilities

The DNS map code in Sendmail 8.12.8 and earlier

Sendmail | code | DNS | map |

The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data.


Real time clock (RTC) routines in Linux kernel

clock | time | Real |

Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.


The component for the Virtual DOS Machine (VDM)

component | Machine | Virtual | DOS |

The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.


The Virtual DOS Machine (VDM) subsystem of Micr

Machine | Virtual | DOS |

The Virtual DOS Machine (VDM) subsystem of Microsoft Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows local users to access kernel memory and gain privileges via a malicious program that modified some system structures in a way that is not properly validated by privileged operating system functions.


The kernel for Microsoft Windows Server 2003 do

Microsoft | Windows | Server | kernel |

The kernel for Microsoft Windows Server 2003 does not reset certain values in CPU data structures, which allows local users to cause a denial of service (system crash) via a malicious program.


Certain USB drivers in the Linux 2.4 kernel use

uninitialized | copy_to_user | information | structures | sensitive | function | previous | Certain | reading | drivers | cleared | obtain | kernel | memory | usage | could | which | Linux | users | local | allow | USB | not | use |

Certain USB drivers in the Linux 2.4 kernel use the copy_to_user function on uninitialized structures, which could allow local users to obtain sensitive information by reading memory that was not cleared from previous usage.


The process_logon_packet function in the nmbd s

process_logon_packet | function | server | Samba | nmbd |

The process_logon_packet function in the nmbd server for Samba 3.0.6 and earlier, when domain logons are enabled, allows remote attackers to cause a denial of service via a SAM_UAS_CHANGE request with a length value that is larger than the number of structures that are provided.


Unspecified vulnerability in the error handler

vulnerability | Unspecified | Enterprise | Generator | Hitachi | handler | error | Page | Web |

Unspecified vulnerability in the error handler in Hitachi Web Page Generator and Web Page Generator Enterprise 4.01 and earlier, when using the default error template and debug mode is set to ON, allows remote attackers to determine internal directory structures via unknown attack vectors.


Unspecified vulnerability in ASN.1 Compiler (as

vulnerability | Unspecified | Compiler | ASN1 |

Unspecified vulnerability in ASN.1 Compiler (asn1c) before 0.9.7 has unknown impact and attack vectors when processing "CHOICE" types with "indefinite length structures."


COM+ in Microsoft Windows does not properly "cr

structures" | arbitrary | attackers | Microsoft | properly | execute | "create | Windows | allows | remote | memory | users | local | which | code | does | COM+ | not | use |

COM+ in Microsoft Windows does not properly "create and use memory structures," which allows local users or remote attackers to execute arbitrary code.


OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.

OpenSSL |

OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition.


alloccgblk in the UFS filesystem in Solaris 10

filesystem | alloccgblk | Solaris | service | denial | allows | cause | local | users | UFS |

alloccgblk in the UFS filesystem in Solaris 10 allows local users to cause a denial of service (memory corruption) by mounting crafted UFS filesystems with malformed data structures.


Race condition in the __find_get_block_slow fun

__find_get_block_slow | filesystem | condition | function | ISO9660 | Linux | Race |

Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures.


The Graphics Rendering Engine in Microsoft Wind

Microsoft | Rendering | Graphics | Windows | Engine |

The Graphics Rendering Engine in Microsoft Windows 2000 through 2000 SP4 and Windows XP through SP2 maps GDI Kernel structures on a global shared memory section that is mapped with read-only permissions, but can be remapped by other processes as read-write, which allows local users to cause a denial of service (memory corruption and crash) and gain privileges by modifying the kernel structures.


The ext3fs_dirhash function in Linux kernel 2.6

ext3fs_dirhash | function | service | allows | denial | kernel | cause | Linux | local | users | 26x |

The ext3fs_dirhash function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext3 stream with malformed data structures.


The ext2 file system code in Linux kernel 2.6.x

service | kernel | denial | allows | system | local | users | cause | Linux | ext2 | code | file | 26x |

The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum.


Integer overflow in the ProcRenderAddGlyphs fun

ProcRenderAddGlyphs | extension | function | overflow | Integer | Render | XOrg |

Integer overflow in the ProcRenderAddGlyphs function in the Render extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of glyph management data structures.


Integer overflow in the ProcDbeGetVisualInfo fu

ProcDbeGetVisualInfo | extension | function | overflow | Integer | XOrg | DBE |

Integer overflow in the ProcDbeGetVisualInfo function in the DBE extension for X.Org 6.8.2, 6.9.0, 7.0, and 7.1, and XFree86 X server, allows local users to execute arbitrary code via a crafted X protocol request that triggers memory corruption during processing of unspecified data structures.


eFileCabinet 3.3 allows remote attackers to byp

filecabinetnumber | authentication | eFileCabinet | information | structures | restricted | interface | sensitive | attackers | leveraged | portions | invalid | remote | bypass | allows | create | obtain | access | which | data | via | can | new |

eFileCabinet 3.3 allows remote attackers to bypass authentication and access restricted portions of the interface via an invalid filecabinetnumber, which can be leveraged to obtain sensitive information or create new data structures.


Unspecified vulnerability in the fetch function

Structures-DataGrid-DataSource-MDB2 | vulnerability | Unspecified | function | MDB2php | fetch | PEAR |

Unspecified vulnerability in the fetch function in MDB2.php in PEAR Structures-DataGrid-DataSource-MDB2 0.1.9 and earlier allows attackers to "manipulate the generated sorting queries."


Software vulnerabilities results 1 to 20 of 29     
Page: 12