Total
2703 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-3268 | 1 Google | 1 Chrome | 2024-08-07 | N/A |
Google Chrome 1.0.154.48 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an automatically submitted form containing a KEYGEN element, a related issue to CVE-2009-1828. | ||||
CVE-2009-3104 | 1 Symantec | 4 Antivirus, Client Security, Norton Antivirus and 1 more | 2024-08-07 | N/A |
Unspecified vulnerability in Symantec Norton AntiVirus 2005 through 2008; Norton Internet Security 2005 through 2008; AntiVirus Corporate Edition 9.0 before MR7, 10.0, 10.1 before MR8, and 10.2 before MR3; and Client Security 2.0 before MR7, 3.0, and 3.1 before MR8; when Internet Email Scanning is installed and enabled, allows remote attackers to cause a denial of service (CPU consumption and persistent connection loss) via unknown attack vectors. | ||||
CVE-2009-3103 | 1 Microsoft | 2 Windows Server 2008, Windows Vista | 2024-08-07 | N/A |
Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Process ID High header field in a NEGOTIATE PROTOCOL REQUEST packet, which triggers an attempted dereference of an out-of-bounds memory location, aka "SMBv2 Negotiation Vulnerability." NOTE: some of these details are obtained from third party information. | ||||
CVE-2009-3043 | 1 Linux | 1 Linux Kernel | 2024-08-07 | N/A |
The tty_ldisc_hangup function in drivers/char/tty_ldisc.c in the Linux kernel 2.6.31-rc before 2.6.31-rc8 allows local users to cause a denial of service (system crash, sometimes preceded by a NULL pointer dereference) or possibly gain privileges via certain pseudo-terminal I/O activity, as demonstrated by KernelTtyTest.c. | ||||
CVE-2009-2983 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2024-08-07 | N/A |
Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | ||||
CVE-2009-2985 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2024-08-07 | N/A |
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2996. | ||||
CVE-2009-2996 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2024-08-07 | N/A |
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985. | ||||
CVE-2009-2972 | 1 Sun | 1 Solaris | 2024-08-07 | N/A |
in.lpd in the print service in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors that trigger a "fork()/exec() bomb." | ||||
CVE-2009-2966 | 1 Kaspersky | 2 Kaspersky Anti-virus, Kaspersky Internet Security | 2024-08-07 | N/A |
avp.exe in Kaspersky Internet Security 9.0.0.459 and Anti-Virus 9.0.0.463 allows remote attackers to cause a denial of service (CPU consumption and network connectivity loss) via an HTTP URL request that contains a large number of dot "." characters. | ||||
CVE-2009-2958 | 2 Redhat, Thekelleys | 2 Enterprise Linux, Dnsmasq | 2024-08-07 | N/A |
The tftp_request function in tftp.c in dnsmasq before 2.50, when --enable-tftp is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TFTP read (aka RRQ) request with a malformed blksize option. | ||||
CVE-2009-2953 | 1 Mozilla | 1 Firefox | 2024-08-07 | N/A |
Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote attackers to cause a denial of service (CPU consumption) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715. | ||||
CVE-2009-2844 | 1 Linux | 2 Kernel, Linux Kernel | 2024-08-07 | N/A |
cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, which triggers a NULL pointer dereference in the cmp_ies function. NOTE: a potential weakness in the is_mesh function was also addressed, but the relevant condition did not exist in the code, so it is not a vulnerability. | ||||
CVE-2009-2839 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
Screen Sharing in Apple Mac OS X 10.5.8 allows remote VNC servers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | ||||
CVE-2009-2819 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via unspecified vectors. | ||||
CVE-2009-2828 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
The server in DirectoryService in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. | ||||
CVE-2009-2803 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2024-08-07 | N/A |
CarbonCore in Apple Mac OS X 10.4.11 and 10.5.8 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a file with a crafted resource fork. | ||||
CVE-2009-2740 | 1 Ca | 1 Host-based Intrusion Prevention System | 2024-08-07 | N/A |
kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet. | ||||
CVE-2009-2663 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2024-08-07 | N/A |
libvorbis before r16182, as used in Mozilla Firefox 3.5.x before 3.5.2 and other products, allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .ogg file. | ||||
CVE-2009-2664 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2024-08-07 | N/A |
The js_watch_set function in js/src/jsdbgapi.cpp in the JavaScript engine in Mozilla Firefox before 3.0.12 allows remote attackers to cause a denial of service (assertion failure and application exit) or possibly execute arbitrary code via a crafted .js file, related to a "memory safety bug." NOTE: this was originally reported as affecting versions before 3.0.13. | ||||
CVE-2009-2651 | 1 Digium | 1 Asterisk | 2024-08-07 | N/A |
main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote attackers to cause a denial of service (crash) via an RTP text frame without a certain delimiter, which triggers a NULL pointer dereference and the subsequent calculation of an invalid pointer. |