| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. |
| Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." |
| Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. |
| The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. |
| Heap-based buffer overflow in psd.c for ImageMagick 6.1.0, 6.1.7, and possibly earlier versions allows remote attackers to execute arbitrary code via a .PSD image file with a large number of layers. |
| Command execution in Sun systems via buffer overflow in the at program. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| Buffer overflow in statd allows root privileges. |
| Delete or create a file via rpc.statd, due to invalid information. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| root privileges via buffer overflow in df command on SGI IRIX systems. |
| root privileges via buffer overflow in pset command on SGI IRIX systems. |
| root privileges via buffer overflow in eject command on SGI IRIX systems. |
| root privileges via buffer overflow in login/scheme command on SGI IRIX systems. |
| root privileges via buffer overflow in ordist command on SGI IRIX systems. |
| root privileges via buffer overflow in xlock command on SGI IRIX systems. |
| Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C (classification) command line option. |
| Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. |
| IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. |
