Total
2703 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-2694 | 3 Adium, Pidgin, Redhat | 3 Adium, Pidgin, Enterprise Linux | 2024-08-07 | N/A |
The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2009-1376. | ||||
CVE-2009-2576 | 1 Microsoft | 2 Ie, Internet Explorer | 2024-08-07 | N/A |
Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected. | ||||
CVE-2009-2577 | 1 Opera | 1 Opera Browser | 2024-08-07 | N/A |
Opera 9.52 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption, and application hang) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. | ||||
CVE-2009-2537 | 1 Kde | 1 Konqueror | 2024-08-07 | N/A |
KDE Konqueror allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | ||||
CVE-2009-2538 | 1 Nokia | 4 N810 Internet Tablet, N82, N95 and 1 more | 2024-08-07 | N/A |
The Nokia N95 running Symbian OS 9.2, N82, and N810 Internet Tablet allow remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | ||||
CVE-2009-2536 | 1 Microsoft | 1 Internet Explorer | 2024-08-07 | N/A |
Microsoft Internet Explorer 5 through 8 allows remote attackers to cause a denial of service (memory consumption and application crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | ||||
CVE-2009-2542 | 1 Netscape | 1 Navigator | 2024-08-07 | N/A |
Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | ||||
CVE-2009-2541 | 1 Sony | 1 Playstation 3 | 2024-08-07 | N/A |
The web browser on the Sony PLAYSTATION 3 (PS3) allows remote attackers to cause a denial of service (memory consumption and console hang) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. | ||||
CVE-2009-2462 | 2 Mozilla, Redhat | 3 Firefox, Thunderbird, Enterprise Linux | 2024-08-07 | N/A |
The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronous events, (2) a SetMayHaveFrame assertion and nsCSSFrameConstructor::CreateFloatingLetterFrame, (3) nsCSSFrameConstructor::ConstructFrame, (4) the child list and initial reflow, (5) GetLastSpecialSibling, (6) nsFrameManager::GetPrimaryFrameFor and MathML, (7) nsFrame::GetBoxAscent, (8) nsCSSFrameConstructor::AdjustParentFrame, (9) nsDOMOfflineResourceList, and (10) nsContentUtils::ComparePosition. | ||||
CVE-2009-2465 | 2 Mozilla, Redhat | 3 Firefox, Thunderbird, Enterprise Linux | 2024-08-07 | N/A |
Mozilla Firefox before 3.0.12 and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via vectors involving double frame construction, related to (1) nsHTMLContentSink.cpp, (2) nsXMLContentSink.cpp, and (3) nsPresShell.cpp, and the nsSubDocumentFrame::Reflow function. | ||||
CVE-2009-2469 | 2 Mozilla, Redhat | 2 Firefox, Enterprise Linux | 2024-08-07 | N/A |
Mozilla Firefox before 3.0.12 does not properly handle an SVG element that has a property with a watch function and an __defineSetter__ function, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted document, related to a certain pointer misinterpretation. | ||||
CVE-2009-2419 | 1 Apple | 1 Safari | 2024-08-07 | N/A |
Use-after-free vulnerability in the servePendingRequests function in WebCore in WebKit in Apple Safari 4.0 and 4.0.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted HTML document that references a zero-length .js file and the JavaScript reload function. NOTE: some of these details are obtained from third party information. | ||||
CVE-2009-2487 | 1 Sun | 2 Opensolaris, Solaris | 2024-08-07 | N/A |
Use-after-free vulnerability in the frpr_icmp function in the ipfilter (aka IP Filter) subsystem in Sun Solaris 10, and OpenSolaris snv_45 through snv_110, allows remote attackers to cause a denial of service (panic) via unspecified vectors. | ||||
CVE-2009-2526 | 1 Microsoft | 2 Windows Server 2008, Windows Vista | 2024-08-07 | N/A |
Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server service, aka "SMBv2 Infinite Loop Vulnerability." | ||||
CVE-2009-2466 | 2 Mozilla, Redhat | 3 Firefox, Thunderbird, Enterprise Linux | 2024-08-07 | N/A |
The JavaScript engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) nsDOMClassInfo.cpp, (2) JS_HashTableRawLookup, and (3) MirrorWrappedNativeParent and js_LockGCThingRT. | ||||
CVE-2009-2517 | 1 Microsoft | 1 Windows Server 2003 | 2024-08-07 | N/A |
The kernel in Microsoft Windows Server 2003 SP2 does not properly handle unspecified exceptions when an error condition occurs, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Exception Handler Vulnerability." | ||||
CVE-2009-2473 | 2 Redhat, Webdav | 2 Enterprise Linux, Neon | 2024-08-07 | N/A |
neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | ||||
CVE-2009-2464 | 2 Mozilla, Redhat | 4 Firefox, Seamonkey, Thunderbird and 1 more | 2024-08-07 | N/A |
The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to loading multiple RDF files in a XUL tree element. | ||||
CVE-2009-2300 | 1 Phion | 1 Airlock Web Application Firewall | 2024-08-07 | N/A |
The management interface in the phion airlock Web Application Firewall (WAF) 4.1-10.41 does not properly handle CGI requests that specify large width and height parameters for an image, which allows remote attackers to execute arbitrary commands or cause a denial of service (resource consumption) via a crafted request. | ||||
CVE-2009-2214 | 1 Citrix | 1 Secure Gateway | 2024-08-07 | N/A |
The Secure Gateway service in Citrix Secure Gateway 3.1 and earlier allows remote attackers to cause a denial of service (CPU consumption) via an unspecified request. |