Search Results (2871 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2008-4260 1 Microsoft 6 Internet Explorer, Windows 2000, Windows Server 2003 and 3 more 2025-04-09 N/A
Microsoft Internet Explorer 7 sometimes attempts to access a deleted object, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, aka "Uninitialized Memory Corruption Vulnerability."
CVE-2008-4261 1 Microsoft 6 Internet Explorer, Windows 2000, Windows Server 2003 and 3 more 2025-04-09 N/A
Stack-based buffer overflow in Microsoft Internet Explorer 5.01 SP4, 6 SP1 on Windows 2000, and 6 on Windows XP and Server 2003 does not properly handle extraneous data associated with an object embedded in a web page, which allows remote attackers to execute arbitrary code via crafted HTML tags that trigger memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."
CVE-2008-4841 1 Microsoft 4 Windows 2000, Windows Server 2003, Windows Xp and 1 more 2025-04-09 N/A
The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the wild in December 2008. NOTE: As of 20081210, it is unclear whether this vulnerability is related to a WordPad issue disclosed on 20080925 with a 2008-crash.doc.rar example, but there are insufficient details to be sure.
CVE-2007-4941 1 Kde 1 Kmplayer 2025-04-09 N/A
KMPlayer 2.9.3.1210 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a .avi file with certain large "indx truck size" and nEntriesInuse values.
CVE-2007-5435 1 Broadcom 1 Erwin Process Modeler 2025-04-09 N/A
Unspecified vulnerability in CA ERwin Process Modeler (formerly AllFusion Process Modeler) 7.2 might allow user-assisted remote attackers to cause a denial of service via a crafted Data Standards File (Datatype Standards File).
CVE-2007-5506 1 Oracle 1 Database Server 2025-04-09 N/A
The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20.
CVE-2007-4897 2 Ekiga, Redhat 2 Ekiga, Enterprise Linux 2025-04-09 N/A
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).
CVE-2007-5962 3 Foresight Linux, Redhat, Rpath 4 Appliances, Enterprise Linux, Fedora and 1 more 2025-04-09 N/A
Memory leak in a certain Red Hat patch, applied to vsftpd 2.0.5 on Red Hat Enterprise Linux (RHEL) 5 and Fedora 6 through 8, and on Foresight Linux and rPath appliances, allows remote attackers to cause a denial of service (memory consumption) via a large number of CWD commands, as demonstrated by an attack on a daemon with the deny_file configuration option.
CVE-2007-5612 1 Ibm 1 Director 2025-04-09 N/A
CIM Server in IBM Director 5.20.1 and earlier allows remote attackers to cause a denial of service (CPU consumption, connection slot exhaustion, and daemon crash) via a large number of idle connections.
CVE-2007-5656 1 Tibco 3 Enterprise Message Service, Rtworks, Smartsockets Rtserver 2025-04-09 N/A
TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service (EMS) 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted requests that control loop operations related to memory.
CVE-2009-0069 1 Sun 2 Opensolaris, Solaris 2025-04-09 N/A
Unspecified vulnerability in the nfs4rename_persistent_fh function in the NFS 4 (aka NFSv4) client in the kernel in Sun Solaris 10 and OpenSolaris before snv_102 allows local users to cause a denial of service (recursive mutex_enter and panic) via unspecified vectors.
CVE-2009-0075 1 Microsoft 5 Internet Explorer, Windows Server 2003, Windows Server 2008 and 2 more 2025-04-09 N/A
Microsoft Internet Explorer 7 does not properly handle errors during attempted access to deleted objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to CFunctionPointer and the appending of document objects, aka "Uninitialized Memory Corruption Vulnerability."
CVE-2009-0076 1 Microsoft 5 Internet Explorer, Windows Server 2003, Windows Server 2008 and 2 more 2025-04-09 N/A
Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a crafted HTML document, aka "CSS Memory Corruption Vulnerability."
CVE-2009-1139 1 Microsoft 4 Adam, Windows 2000, Windows Server 2003 and 1 more 2025-04-09 N/A
Memory leak in the LDAP service in Active Directory on Microsoft Windows 2000 SP4 and Server 2003 SP2, and Active Directory Application Mode (ADAM) on Windows XP SP2 and SP3 and Server 2003 SP2, allows remote attackers to cause a denial of service (memory consumption and service outage) via (1) LDAP or (2) LDAPS requests with unspecified OID filters, aka "Active Directory Memory Leak Vulnerability."
CVE-2008-0007 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-04-09 N/A
Linux kernel before 2.6.22.17, when using certain drivers that register a fault handler that does not perform range checks, allows local users to access kernel memory via an out-of-range offset.
CVE-2008-0032 1 Apple 1 Quicktime 2025-04-09 N/A
Apple QuickTime before 7.4 allows remote attackers to execute arbitrary code via a movie file containing a Macintosh Resource record with a modified length value in the resource header, which triggers heap corruption.
CVE-2008-0102 1 Microsoft 1 Publisher 2025-04-09 N/A
Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, related to invalid "memory values," aka "Publisher Invalid Memory Reference Vulnerability."
CVE-2008-1837 1 Clam Anti-virus 1 Clamav 2025-04-09 N/A
libclamunrar in ClamAV before 0.93 allows remote attackers to cause a denial of service (crash) via crafted RAR files that trigger "memory problems," as demonstrated by the PROTOS GENOME test suite for Archive Formats.
CVE-2007-1308 2 Kde, Redhat 2 Konqueror, Enterprise Linux 2025-04-09 N/A
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference.
CVE-2008-0120 1 Microsoft 1 Office Powerpoint Viewer 2025-04-09 N/A
Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with a malformed picture index that triggers memory corruption, related to handling of CString objects, aka "Memory Allocation Vulnerability."