Medium
CVE-2007-3106
lib/info.c in libvorbis 1.1.2, and possibly other versions before 1.2.0, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via invalid (1) blocksize_…
Tag: Denial of Service (DoS)
All CVEs associated with "Denial of Service (DoS)". Page 291/331 • 39653 CVEs.
Subscribe CVEs: RSS for “Denial of Service (DoS)” · RSS (High+Critical only)
About “Denial of Service (DoS)”
A curated feed of “Denial of Service (DoS)”-related CVEs appears below. We currently track 39653 CVEs for this tag (all time). In the last 365 days, 3222 were published. Average CVSS is 6.6 (all time; 6.6 over 365d), and 47% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-770 - Allocation of Resources Without Limits or Throttling, CWE-476 - NULL Pointer Dereference.
In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2007-07-26
Medium
CVE-2007-3875
arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functi…
High
CVE-2007-4011
Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to ca…
High
CVE-2007-4012
Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broa…
2007-07-25
High
CVE-2006-7221
Multiple off-by-one errors in fsplib.c in fsplib before 0.8 allow attackers to cause a denial of service via unspecified vectors involving the (1) name and (2) d_name entry attributes.
Medium
CVE-2007-3961
Off-by-one error in the fsp_readdir_r function in fsplib.c in fsplib before 0.9 allows remote attackers to cause a denial of service via a directory entry whose length is exactly MAXNAMELEN, which pr…
Medium
CVE-2007-3971
Integer overflow in ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service (CPU and disk consumption) via a crafted ASPACK packed file, which triggers an infinite loo…
Medium
CVE-2007-3972
ESET NOD32 Antivirus before 2.2289 allows remote attackers to cause a denial of service via a crafted (1) ASPACK or (2) FSG packed file, which triggers a divide-by-zero error.
2007-07-24
High
CVE-2007-3956
TeamSpeak WebServer 2.0 for Windows does not validate parameter value lengths and does not expire TCP sessions, which allows remote attackers to cause a denial of service (CPU and memory consumption)…
Medium
CVE-2007-3957
Buffer overflow in Nipun Jain xserver 0.1 alpha allows remote attackers to cause a denial of service via a POST request with a long URI.
High
CVE-2007-3958
Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service via a certain GIF file, as demonstrated by Art.gif.
Medium
CVE-2007-3959
The IM Server (aka IMserve or IMserver) 2.0.5.30 and probably earlier in Ipswitch Instant Messaging before 2.07 in Ipswitch Collaboration Suite (ICS) allows remote attackers to cause a denial of serv…
Medium
CVE-2007-3953
The OLE2 parsing in Norman Antivirus before 5.91.02 allows remote attackers to cause a denial of service via a crafted DOC file that triggers a divide-by-zero error.
Medium
CVE-2007-3946
mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a…
Medium
CVE-2007-3947
request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Locatio…
Medium
CVE-2007-3948
connections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, which allows remote attackers to cause a denial of service (failed assertion) via a large number of…
Medium
CVE-2007-3950
lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certa…
2007-07-21
High
CVE-2007-3923
The Common Internet File System (CIFS) optimization in Cisco Wide Area Application Services (WAAS) 4.0.7 and 4.0.9, as used by Cisco WAE appliance and the NM-WAE-502 network module, when Edge Service…
High
CVE-2007-3926
Ipswitch IMail Server 2006 before 2006.21 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving an "overwritten destructor."
2007-07-20
Medium
CVE-2007-3380
The Distributed Lock Manager (DLM) in the cluster manager for Linux kernel 2.6.15 allows remote attackers to cause a denial of service (loss of lock services) by connecting to the DLM port, which pro…
2007-07-19
Medium
CVE-2007-3906
Unspecified vulnerability in Kaspersky Anti-Virus for Check Point FireWall-1 before Critical Fix 1 (5.5.161.0) might allow attackers to cause a denial of service (kernel hang) via unspecified vectors…
2007-07-18
High
CVE-2007-3268
The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) v…
Critical
CVE-2007-3734
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified…
Critical
CVE-2007-3735
Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecif…
Medium
CVE-2007-3763
The IAX2 channel driver (chan_iax2) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before…
Medium
CVE-2007-3764
The Skinny channel driver (chan_skinny) in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i be…
Medium
CVE-2007-3765
The STUN implementation in Asterisk 1.4.x before 1.4.8, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service (cr…
2007-07-17
High
CVE-2007-3836
Format string vulnerability in HydraIRC 0.3.151 allows remote attackers to cause a denial of service via format string specifiers in certain data related to failed DCC file transfer negotiation.
High
CVE-2007-3837
Heap-based buffer overflow in HydraIRC 0.3.151 allows remote IRC servers to cause a denial of service (application crash) via a long CTCP request message containing '%' (percent) characters.
High
CVE-2007-3823
The Logging Server (Logsrv.exe) in IPSwitch WS_FTP 7.5.29.0 allows remote attackers to cause a denial of service (daemon crash) by sending a crafted packet containing a long string to port 5151/udp.
Medium
CVE-2007-3806
The glob function in PHP 5.2.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an invalid value of the flags parameter, probably related to mem…
Medium
CVE-2007-3815
Buffer overflow in pirs32.exe in Poslovni informator Republike Slovenije (PIRS) 2007 allows local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long…
High
CVE-2007-3816
JWIG might allow context-dependent attackers to cause a denial of service (service degradation) via loops of references to external templates. NOTE: this issue has been disputed by multiple third pa…
2007-07-16
Medium
CVE-2007-3805
The IKE implementation in Clavister CorePlus before 8.80.03, and 8.80.00, does not properly validate certificates during IKE negotiation, which allows remote attackers to cause a denial of service (g…
2007-07-15
Medium
CVE-2007-3790
The com_print_typeinfo function in the bz2 extension in PHP 5.2.3 allows context-dependent attackers to cause a denial of service via a long argument.
High
CVE-2007-3791
Buffer overflow in the w_read function in sockets.c in Cami Sardinha and Nigel Kukard policyd before 1.81 for Postfix allows remote attackers to cause a denial of service and possibly execute arbitra…
High
CVE-2007-3795
Unspecified vulnerability in Hitachi TP1/Server Base before 03-05-/P, 05-00-x before 05-00-/G, 05-01-x before 05-01-/A, and 05-02-x before 05-02-/C on HP-UX 11.0 through 11i v3 allows attackers to ca…
Medium
CVE-2007-3771
Stack-based buffer overflow in the Internet E-mail Auto-Protect feature in Symantec AntiVirus Corporate Edition before 10.1, and Client Security before 3.1, allows local users to cause a denial of se…
High
CVE-2007-3775
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster…
Medium
CVE-2007-3780
MySQL Community Server before 5.0.45 allows remote attackers to cause a denial of service (daemon crash) via a malformed password packet in the connection protocol.
Medium
CVE-2007-3645
archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (crash) via (1) an end-of-file condition within a tar header that follo…
High
CVE-2007-3768
The mirror mechanism in SurgeFTP 2.3a1 allows user-assisted, remote FTP servers to cause a denial of service (restart) via a malformed response to a PASV command.
2007-07-14
Critical
CVE-2007-3641
archive_read_support_format_tar.c in libarchive before 2.2.4 does not properly compute the length of a certain buffer when processing a malformed pax extension header, which allows user-assisted remo…
Medium
CVE-2007-3644
archive_read_support_format_tar.c in libarchive before 2.2.4 allows user-assisted remote attackers to cause a denial of service (infinite loop) via (1) an end-of-file condition within a pax extension…
2007-07-12
Medium
CVE-2007-3728
Buffer overflow in lib/silcclient/client_notify.c of SILC Client and SILC Toolkit before 1.1.2 allows remote attackers to cause a denial of service via "NICK_CHANGE" notifications.
Low
CVE-2007-3719
The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as…
Low
CVE-2007-3720
The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consum…
Low
CVE-2007-3721
The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as…
Low
CVE-2007-3722
The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU con…
Low
CVE-2007-3723
The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by the kernel and performs scheduling based upon CPU billing gathered from periodic process sampling t…
Low
CVE-2007-3724
The process scheduler in the Microsoft Windows XP kernel does not make use of the process statistics kept by the kernel, performs scheduling based on CPU billing gathered from periodic process sampli…
Medium
CVE-2007-3725
The RAR VM (unrarvm.c) in Clam Antivirus (ClamAV) before 0.91 allows user-assisted remote attackers to cause a denial of service (crash) via a crafted RAR archive, resulting in a NULL pointer derefer…
Medium
CVE-2007-3726
Integer signedness error in the SET_VALUE function in rarvm.cpp in unrar 3.70 beta 3, as used in products including WinRAR and RAR for OS X, allows user-assisted remote attackers to cause a denial of…
High
CVE-2007-3509
Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute…
High
CVE-2006-5274
Integer overflow in McAfee ePolicy Orchestrator 3.5 through 3.6.1, ProtectionPilot 1.1.1 and 1.5, and Common Management Agent (CMA) 3.5.5.438 allows remote attackers to cause a denial of service (CMA…
2007-07-11
High
CVE-2007-3696
CA ERwin Data Model Validator (formerly AllFusion Data Model Validator) allows remote attackers to (1) cause a denial of service (application hang) via a malformed .EXP database file and (2) cause a…
High
CVE-2007-3698
The Java Secure Socket Extension (JSSE) in Sun JDK and JRE 6 Update 1 and earlier, JDK and JRE 5.0 Updates 7 through 11, and SDK and JRE 1.4.2_11 through 1.4.2_14, when using JSSE for SSL/TLS support…
2007-07-10
Medium
CVE-2007-3028
The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4 does not properly check "the number of convertible attributes", which allows remote attackers to cause a denial of se…
Low
CVE-2007-3107
The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving fl…
Medium
CVE-2007-3657
Mozilla Firefox 2.0.0.4 allows remote attackers to cause a denial of service by opening multiple tabs in a popup window. NOTE: this issue has been disputed by third party researchers, stating that "…
Medium
CVE-2007-3658
Unspecified vulnerability in Microsoft Register Server (REGSVR) allows attackers to cause a denial of service via a crafted DLL library.
Medium
CVE-2007-3661
Eltima Software Virtual Serial Port (VSPAX) ActiveX control (VSPort.DLL) allows remote attackers to cause a denial of service via certain function calls, as demonstrated via the (1) Attach, (2) Write…
Medium
CVE-2007-3662
Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted FLV file.
Medium
CVE-2007-3663
Divide-by-zero error in Media Player Classic (MPC) 6.4.9.0 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted MPA file.
Medium
CVE-2007-3664
Multiple unspecified vulnerabilities in Eltima Software RunService ActiveX control (RunService.dll) allow remote attackers to cause a denial of service via certain functions when "improperly used", a…
Medium
CVE-2007-3665
Multiple unspecified vulnerabilities in FileBackup.DLL in Symantec Norton Ghost 12.0 allow remote attackers to cause a denial of service via unspecified vectors involving the UpdateCatalog and other…
Medium
CVE-2007-3667
Unspecified vulnerability in EXCLEXPT.DLL in ActiveReportsExcelReport allows remote attackers to cause a denial of service via the DDRow Height variable.
Medium
CVE-2007-3668
Multiple unspecified vulnerabilities in NMSDVDXU.DLL in NuMedia NMSDVDX allow remote attackers to cause a denial of service via "improperly initialized" (1) LoadSegmentWord, (2) PartitionType, (3) Se…
Medium
CVE-2007-3669
Multiple unspecified vulnerabilities in the Innovasys DockStudioXP InnovaDSXP2.OCX ActiveX Control have unspecified attack vectors and impact, including a denial of service via "improper use" of the…
High
CVE-2007-3642
The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the Linux kernel before 2.6.20.15, 2.6.21.x before 2.6.21.6, and before 2.6.22 allows remote attackers to cause a denial of ser…
High
CVE-2006-7220
Unspecified vulnerability in SAP SAPLPD and SAPSPRINT allows remote attackers to cause a denial of service (application crash) via a certain print job request. NOTE: the provenance of this informati…
2007-07-09
Low
CVE-2007-3622
Unspecified vulnerability in DomainPOP in Alt-N Technologies MDaemon before 9.61 allows remote attackers to cause a denial of service (crash) via malformed messages.
Medium
CVE-2007-3625
The Program Neighborhood Agent in Citrix Presentation Server Clients for 32-bit Windows before 10.100 allows remote attackers to cause a denial of service (agent exit) via a certain request that uses…
High
CVE-2007-3626
Unspecified vulnerability in the ADM daemon in Hitachi TPBroker before 20070706 allows remote attackers to cause a denial of service (daemon crash) via a certain request.
2007-07-06
Medium
CVE-2007-3607
Multiple unspecified vulnerabilities in ActiveX controls in the EnjoySAP SAP GUI allow remote attackers to cause a denial of service (process crash) via unspecified vectors.
High
CVE-2007-3615
Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) v…
2007-07-05
Medium
CVE-2007-3568
The _LoadBMP function in imlib 1.9.15 and earlier allows context-dependent attackers to cause a denial of service (infinite loop) via a BMP image with a Bits Per Page (BPP) value of 0.
2007-07-03
High
CVE-2007-3548
Stack-based buffer overflow in W3Filer 2.1.3 allows remote FTP servers to cause a denial of service (application hang or crash) and possibly execute arbitrary code by sending a large banner to a clie…
High
CVE-2007-3550
Microsoft Internet Explorer 6.0 and 7.0 allows remote attackers to fill Zones with arbitrary domains using certain metacharacters such as wildcards via JavaScript, which results in a denial of servic…
Medium
CVE-2007-3551
Buffer overflow in bbs100 before 3.2 allows remote attackers to cause a denial of service (crash) by attempting to login as the Guest user when another Guest user is already logged in, possibly relat…
High
CVE-2007-3552
Multiple unspecified vulnerabilities in bbs100 before 3.2 allow remote attackers to cause a denial of service (crash) via unspecified vectors, possibly involving certain v*printf and shift_StringIO f…
Medium
CVE-2007-3533
The 3Com IntelliJack Switch NJ220 before 2.0.23 allows remote attackers to cause a denial of service (reboot and reporting outage) via a loopback packet with zero in the length field.
High
CVE-2007-3545
Buffer overflow in Warzone 2100 Resurrection before 2.0.7 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long filename when setting backgroun…
Medium
CVE-2007-3527
Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service (CPU consumption) via certain database operations with multi-byte character sets that trigger an atte…
Medium
CVE-2007-3513
The lcd_write function in drivers/usb/misc/usblcd.c in the Linux kernel before 2.6.22-rc7 does not limit the amount of memory used by a caller, which allows local users to cause a denial of service (…
2007-07-02
High
CVE-2007-3506
The ft_bitmap_assure_buffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vector…
2007-06-29
Medium
CVE-2006-7211
fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores.
High
CVE-2006-7214
Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of service (application crash) by sending many remote protocol versions; and (2) cause a denial of se…
Medium
CVE-2007-3492
Conti FtpServer 1.0 allows remote authenticated users to cause a denial of service (daemon crash) via a certain string containing "//A:" in the argument to the LIST command.
Medium
CVE-2007-3499
SlackRoll before 8 accepts gpg exit codes other than 0 and 1 as evidence of a valid signature, which allows remote Slackware mirror sites or man-in-the-middle attackers to cause a denial of service (…
2007-06-28
Medium
CVE-2007-3469
Unspecified vulnerability in the TCP Loopback/Fusion implementation in Sun Solaris 10 allows local users to cause a denial of service (resource exhaustion and service hang) via unspecified vectors.
High
CVE-2007-3470
Multiple unspecified vulnerabilities in the KSSL kernel module in Sun Solaris 10, when configured with the KSSL proxy, allow remote attackers to cause a denial of service (kernel panic) via unspecifi…
Medium
CVE-2007-3473
The gdImageCreateXbm function in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspecified vectors involving a gdImageCr…
Medium
CVE-2007-3475
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via a GIF image that has no global color map.
Medium
CVE-2007-3476
Array index error in gd_gif_in.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash and heap corruption) via large color index…
Medium
CVE-2007-3477
The (a) imagearc and (b) imagefilledarc functions in GD Graphics Library (libgd) before 2.0.35 allow attackers to cause a denial of service (CPU consumption) via a large (1) start or (2) end angle de…
Medium
CVE-2007-3478
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote attackers to cause a denial of service (crash) via unspec…
High
CVE-2007-3480
PCSoft WinDEV 11 (01F110053p) allows user-assisted remote attackers to cause a denial of service (infinite loop and resource consumption) via a malformed WDP project file.
2007-06-27
High
CVE-2007-3467
Integer overflow in the __status_Update function in stats.c VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a WAV file with a large sample rat…
High
CVE-2007-3468
input.c in VideoLAN VLC Media Player before 0.8.6c allows remote attackers to cause a denial of service (crash) via a crafted WAV file that causes an uninitialized i_nb_resamplers variable to be used.
Medium
CVE-2006-7210
Microsoft Windows 2000, XP, and Server 2003 allows remote attackers to cause a denial of service (cpu consumption) via a PNG image with crafted (1) Width and (2) Height values in the IHDR block.
High
CVE-2007-1792
libdayzero.dll in the Filter Hub Service (filter-hub.exe) in Symantec Mail Security for SMTP before 5.0.1 Patch 181 and Mail Security Appliance before 5.0.0-36 allows remote attackers to cause a deni…
Medium
CVE-2007-1863
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service…
Medium
CVE-2007-3458
The libsldap library in Sun Solaris 8, 9, and 10 allows local users to cause a denial of service (Name Service Caching Daemon (nscd) crash) via unspecified vectors.
Medium
CVE-2007-1663
Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
Medium
CVE-2007-1664
ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality.
Medium
CVE-2007-1665
Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service.
Medium
CVE-2007-3436
Microsoft MSN Messenger 4.7 on Windows XP allows remote attackers to cause a denial of service (resource consumption) via a flood of SIP INVITE requests to the port specified for voice conversation.
High
CVE-2007-3437
AOL Instant Messenger (AIM) 6.1.32.1 on Windows XP allows remote attackers to cause a denial of service (application crash) via a malformed header value in a SIP INVITE message, a different vulnerabi…
Medium
CVE-2007-3441
Format string vulnerability in the Aastra 9112i SIP Phone with firmware 1.4.0.1048 and boot version 1.1.0.10 allows remote attackers to cause a denial of service (blocked call reception and slow call…
Low
CVE-2007-3442
Format string vulnerability on the Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 allows remote attackers to cause a denial of service (blocked call reception and calling) via format st…
Low
CVE-2007-3443
The Research in Motion BlackBerry 7270 before 4.0 SP1 Bundle 108 does not properly manage transaction states, which allows remote attackers to cause a denial of service (temporary device hang) by sen…
Medium
CVE-2007-3444
The Research in Motion BlackBerry 7270 with 4.0 SP1 Bundle 83 allows remote attackers to cause a denial of service (blocked call reception) via a malformed SIP invite message, possibly related to mul…
Medium
CVE-2007-3445
Buffer overflow in SJ Labs SJphone 1.60.303c, running under Windows Mobile 2003 on the Samsung SCH-i730 phone, allows remote attackers to cause a denial of service (device hang and call termination)…
2007-06-26
Medium
CVE-2007-0773
The Linux kernel before 2.6.9-42.0.8 in Red Hat 4.4 allows local users to cause a denial of service (kernel OOPS from null dereference) via fput in a 32-bit ioctl on 64-bit x86 systems, an incomplete…
Medium
CVE-2007-3104
The sysfs_readdir function in the Linux kernel 2.6, as used in Red Hat Enterprise Linux (RHEL) 4.5 and other distributions, allows users to cause a denial of service (kernel OOPS) by dereferencing a…
High
CVE-2007-3409
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an i…
Medium
CVE-2007-3398
LiteWEB 2.7 allows remote attackers to cause a denial of service (hang) via a large number of requests for nonexistent pages.
Medium
CVE-2007-3389
Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via a crafted chunked encoding in an HTTP response, possibly related to a zero-length payload.
Medium
CVE-2007-3390
Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers to cause a denial of service (crash) via crafted iSeries capture files that trigger a SIGTRAP.