CVE Daily
← All tags

Tag: Integer Overflow

All CVEs associated with "Integer Overflow". Page 29/35 • 4108 CVEs.

Subscribe CVEs: RSS for “Integer Overflow”  ·  RSS (High+Critical only)

About “Integer Overflow”

A curated feed of “Integer Overflow”-related CVEs appears below. We currently track 4108 CVEs for this tag (all time). In the last 365 days, 489 were published. Average CVSS is 7.5 (all time; 7.2 over 365d), and 70% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-190 - Integer Overflow or Wraparound, CWE-191 - Integer Underflow (Wrap or Wraparound), CWE-472 - External Control of Assumed-Immutable Web Parameter.

In our taxonomy this topic maps to a MODERATE impact class. Common exploitation patterns for this weakness can lead to moderate. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2011-06-16
Critical

CVE-2011-2121

Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2011-2120

Integer overflow in the CursorAsset x32 component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2011-2109

Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2011-0658

Integer underflow in the OLE Automation protocol implementation in VBScript.dll in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2,…

CVSS: 9.3 CWE: CWE-189 View on NVD
2011-06-06
Medium

CVE-2011-2175

Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via…

CVSS: 4.3 CWE: CWE-189 View on NVD
Medium

CVE-2011-1178

Multiple integer overflows in the load_image function in file-pcx.c in the Personal Computer Exchange (PCX) plugin in GIMP 2.6.x and earlier allow remote attackers to cause a denial of service (appli…

CVSS: 6.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2011-06-02
Critical

CVE-2011-2331

Integer overflow in img.exe in HP Intelligent Management Center (IMC) allows remote attackers to execute arbitrary code via a crafted length value in an a packet that triggers a heap-based buffer ove…

CVSS: 10.0 CWE: CWE-189 View on NVD
2011-05-31
Critical

CVE-2011-1213

Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that trigg…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2011-0628

Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows remote attackers to execute arbitrary code via ActionScript…

CVSS: 9.3 CWE: CWE-189 View on NVD
2011-05-24
Medium

CVE-2011-2168

Multiple integer overflows in the glob implementation in libc in OpenBSD before 4.9 might allow context-dependent attackers to have an unspecified impact via a crafted string, related to the GLOB_APP…

CVSS: 5.0 CWE: CWE-189 View on NVD
2011-05-16
High

CVE-2011-1800

Multiple integer overflows in the SVG Filters implementation in WebCore in WebKit in Google Chrome before 11.0.696.68 allow remote attackers to cause a denial of service or possibly have unspecified…

CVSS: 7.5 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2011-05-13
Critical

CVE-2011-0618

Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors.

CVSS: 9.3 CWE: CWE-189 View on NVD
2011-05-09
Medium

CVE-2011-1746

Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffe…

CVSS: 6.9 CWE: CWE-189 View on NVD
Medium

CVE-2011-1745

Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system…

CVSS: 6.9 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2011-05-03
Medium

CVE-2011-1437

Multiple integer overflows in Google Chrome before 11.0.696.57 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to float rendering.

CVSS: 6.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Medium

CVE-2011-1593

Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or…

CVSS: 4.9 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Medium

CVE-2010-4665

Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified…

CVSS: 4.3 CWE: CWE-189 View on NVD
Medium

CVE-2011-1494

Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of servi…

CVSS: 6.9 CWE: CWE-189 View on NVD
Medium

CVE-2011-1843

Integer overflow in conf.c in Tinyproxy before 1.8.3 might allow remote attackers to bypass intended access restrictions in opportunistic circumstances via a TCP connection, related to improper handl…

CVSS: 6.8 CWE: CWE-189 View on NVD
2011-04-13
High

CVE-2011-0663

Multiple integer overflows in the Microsoft (1) JScript 5.6 through 5.8 and (2) VBScript 5.6 through 5.8 scripting engines allow remote attackers to execute arbitrary code via a crafted web page, aka…

CVSS: 8.8 CWE: CWE-189 View on NVD
Critical

CVE-2011-0097

Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2011-0041

Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote atta…

CVSS: 9.3 CWE: CWE-189 View on NVD
2011-04-08
Medium

CVE-2011-1659

Integer overflow in posix/fnmatch.c in the GNU C Library (aka glibc or libc6) 2.13 and earlier allows context-dependent attackers to cause a denial of service (application crash) via a long UTF8 stri…

CVSS: 5.0 CWE: CWE-189 View on NVD
2011-04-05
Critical

CVE-2011-1564

Multiple integer overflows in the HMI application in DATAC RealFlex RealWin 2.1 (Build 6.1.10.10) and earlier allow remote attackers to execute arbitrary code via crafted (1) On_FC_MISC_FCS_MSGBROADC…

CVSS: 10.0 CWE: CWE-189 View on NVD
2011-03-31
Medium

CVE-2011-1554

Off-by-one error in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service (application crash) via a PDF document con…

CVSS: 4.3 CWE: CWE-189 View on NVD
2011-03-23
Medium

CVE-2011-0194

Integer overflow in ImageIO in Apple Mac OS X 10.6 before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG…

CVSS: 6.8 CWE: CWE-189 View on NVD
Medium

CVE-2011-0181

Integer overflow in ImageIO in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted XBM image.

CVSS: 6.8 CWE: CWE-189 View on NVD
Low

CVE-2011-0180

Integer overflow in HFS in Apple Mac OS X before 10.6.7 allows local users to read arbitrary (1) HFS, (2) HFS+, or (3) HFS+J files via a crafted F_READBOOTSTRAP ioctl call.

CVSS: 2.1 CWE: CWE-189 View on NVD
2011-03-20
Medium

CVE-2011-1466

Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a large integer in t…

CVSS: 5.0 CWE: CWE-189 View on NVD
2011-03-15
High

CVE-2011-1092

Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read sensitive memory via a large third argument to the…

CVSS: 7.5 CWE: CWE-189 View on NVD
2011-03-11
Critical

CVE-2011-1290

Integer overflow in WebKit, as used on the Research In Motion (RIM) BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remot…

CVSS: 10.0 CWE: CWE-189 View on NVD
Medium

CVE-2011-1417

Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a…

CVSS: 6.8 CWE: CWE-189 View on NVD
Medium

CVE-2011-1137

Integer overflow in the mod_sftp (aka SFTP) module in ProFTPD 1.3.3d and earlier allows remote attackers to cause a denial of service (memory consumption leading to OOM kill) via a malformed SSH mess…

CVSS: 5.0 CWE: CWE-189 View on NVD
2011-03-01
High

CVE-2011-1121

Integer overflow in Google Chrome before 9.0.597.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a TEXTAREA element.

CVSS: 7.5 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2011-02-25
Critical

CVE-2011-0332

Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-ba…

CVSS: 9.3 CWE: CWE-189 View on NVD
2011-02-21
Critical

CVE-2011-1052

Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation.

CVSS: 10.0 CWE: CWE-189 View on NVD
Critical

CVE-2011-1051

Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation.

CVSS: 10.0 CWE: CWE-189 View on NVD
2011-02-18
Medium

CVE-2010-4649

Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Linux kernel before 2.6.37 allows local users to cause a denial of service (memory corruption) or pos…

CVSS: 6.9 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2011-02-16
Critical

CVE-2011-0654

Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System (CIFS) browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2011-02-10
Critical

CVE-2011-0598

Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafte…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2011-0558

Integer overflow in Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code via a large array length value in the ActionScript method of the Function class.

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2011-0557

Integer overflow in Adobe Shockwave Player before 11.5.9.620 allows remote attackers to execute arbitrary code via a Director movie with a large count value in 3D assets type 0xFFFFFF45 record, which…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-2589

Integer overflow in the dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code via unspecified vectors.

CVSS: 9.3 CWE: CWE-189 View on NVD
2011-02-02
Medium

CVE-2011-0755

Integer overflow in the mt_rand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, a…

CVSS: 5.0 CWE: CWE-189 View on NVD
2011-01-22
Critical

CVE-2010-4705

Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg, possibly 0.6, has unspecified impact and remote attack vectors, related to…

CVSS: 9.3 CWE: CWE-189 View on NVD
2011-01-18
Medium

CVE-2011-0408

pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers…

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2010-4530

Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate a…

CVSS: 4.4 CWE: CWE-189 View on NVD
2011-01-13
Low

CVE-2010-4529

Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in the Linux kernel before 2.6.37 on platforms other than x86 allows local users to obtain potentially sensitive information fr…

CVSS: 2.1 CWE: CWE-191 - Integer Underflow (Wrap or Wraparound) View on NVD
2011-01-11
Medium

CVE-2010-4175

Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) in Linux kernel 2.6.35 allows local users to cause a denial of service (crash) and possibly trigger memory corruption via a crafte…

CVSS: 4.9 CWE: CWE-189 View on NVD
High

CVE-2010-3865

Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted iovec s…

CVSS: 7.2 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2011-01-07
Critical

CVE-2010-3311

Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrar…

CVSS: 9.3 CWE: CWE-189 View on NVD
High

CVE-2010-2643

Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allows remote attackers to execute arbitrary code via a crafted font in conjunction with a DVI file tha…

CVSS: 7.6 CWE: CWE-189 View on NVD
Medium

CVE-2010-4160

Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the…

CVSS: 6.9 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2011-01-03
High

CVE-2010-4164

Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the Linux kernel before 2.6.36.2 allow remote attackers to cause a denial of service (system crash) via…

CVSS: 7.8 CWE: CWE-191 - Integer Underflow (Wrap or Wraparound) View on NVD
Medium

CVE-2010-4162

Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (system crash) via a crafted device ioctl to a SCSI device.

CVSS: 4.7 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Critical

CVE-2010-3907

Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute a…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-12-16
Critical

CVE-2010-3946

Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a cra…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-12-14
Critical

CVE-2010-4397

Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows re…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-4385

Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other ver…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-2999

Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac RealPlayer 11.0 through 11.1, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute a…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-12-10
Medium

CVE-2010-4157

Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or poss…

CVSS: 6.2 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Critical

CVE-2010-3767

Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript a…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-12-09
Critical

CVE-2010-4009

Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-12-08
High

CVE-2010-4502

Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users to cause a denial of service (pool corruption) and execute arbitrary code via crafted arguments to t…

CVSS: 7.2 CWE: CWE-189 View on NVD
2010-12-06
Medium

CVE-2010-4409

Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows context-dependent attackers to cause a denial of service (application crash) via an…

CVSS: 5.0 CWE: CWE-189 View on NVD
2010-12-02
Critical

CVE-2010-4372

Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to improper allocation of memory for NSV metadata, a different vul…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-4370

Multiple integer overflows in the in_midi plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted MIDI file that triggers a buffer overflow.

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-2586

Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote attackers to execute arbitrary code via a crafted Table of Contents (TOC) in a (1) NSV stream or (2) NS…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-11-22
Critical

CVE-2010-3812

Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-3805

Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a den…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-3803

Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a deni…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-11-12
Medium

CVE-2009-5016

Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP before 5.2.11 makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanism…

CVSS: 6.8 CWE: CWE-189 View on NVD
2010-11-10
Critical

CVE-2010-2573

Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, ak…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-11-06
Critical

CVE-2010-4202

Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted font.

CVSS: 9.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2010-10-25
Critical

CVE-2010-4070

Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before…

CVSS: 10.0 CWE: CWE-189 View on NVD
2010-10-19
Critical

CVE-2010-3571

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity,…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2010-3566

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2010-3565

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availa…

CVSS: 10.0 CWE: N/A View on NVD
2010-10-13
Critical

CVE-2010-3230

Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel document with crafted record information, aka "Excel Record Parsing Integer Overflow Vulner…

CVSS: 9.3 CWE: CWE-189 View on NVD
High

CVE-2010-1883

Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows…

CVSS: 7.8 CWE: CWE-189 View on NVD
2010-10-04
Medium

CVE-2010-3442

Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corrupti…

CVSS: 4.7 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2010-09-30
Medium

CVE-2010-2538

Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.

CVSS: 5.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2010-09-29
High

CVE-2010-2478

Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.33.7 on 32-bit platforms allows local users to cause a denial of service or possibly have unspe…

CVSS: 7.2 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2010-09-28
Medium

CVE-2010-0405

Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 allows context-dependent attackers to cause a denial of service (application crash) or possibly exec…

CVSS: 5.1 CWE: CWE-189 View on NVD
2010-09-21
Medium

CVE-2010-3067

Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next-20100915 allows local users to cause a denial of service or possibly have unspecified other impact…

CVSS: 4.9 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2010-09-09
Critical

CVE-2010-2765

Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allo…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-09-08
High

CVE-2010-2959

Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux kernel before 2.6.27.53, 2.6.32.x before 2.6.32.21, 2.6.34.x before 2.6.34.6, and 2.6.35.x before 2.…

CVSS: 7.2 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2010-08-30
Critical

CVE-2010-3000

Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-0116

Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that trigger…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-08-26
Critical

CVE-2010-2879

Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player before 11.5.8.612 allow remote attackers to cause a denial of service (heap memory corruption) or exec…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-2871

Integer overflow in the 3D object functionality in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (heap memory corruption) or execute arbitrary code via…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2009-3743

Off-by-one error in the Ins_MINDEX function in the TrueType bytecode interpreter in Ghostscript before 8.71 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-08-25
Critical

CVE-2010-2936

Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbi…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-08-24
Medium

CVE-2010-1526

Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via (1) a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; (2…

CVSS: 6.8 CWE: CWE-189 View on NVD
2010-08-20
Medium

CVE-2010-3015

Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service (BUG and system crash) via a write operatio…

CVSS: 4.7 CWE: CWE-189 View on NVD
2010-08-19
Medium

CVE-2010-2500

Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary c…

CVSS: 6.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Medium

CVE-2010-2497

Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted font file.

CVSS: 6.8 CWE: CWE-191 - Integer Underflow (Wrap or Wraparound) View on NVD
2010-08-17
Critical

CVE-2010-1516

Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via (1) a crafted PNG file, related to the getPNG function in lib/png.c; or (2) a crafted JPEG file, rela…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-3032

Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in SAP Crystal Reports 2008 allows remote attackers to cause a denial of service (crash) and possibly…

CVSS: 10.0 CWE: CWE-189 View on NVD
Critical

CVE-2010-1525

Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to cause a denial o…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-08-16
Medium

CVE-2010-1519

Multiple integer overflows in glpng.c in glpng 1.45 allow context-dependent attackers to execute arbitrary code via a crafted PNG image, related to (1) the pngLoadRawF function and (2) the pngLoadF f…

CVSS: 6.8 CWE: CWE-189 View on NVD
2010-08-11
Medium

CVE-2010-1893

Integer overflow in the TCP/IP stack in Microsoft Windows Vista SP1, Windows Server 2008 Gold and R2, and Windows 7 allows local users to gain privileges via a buffer of user-mode data that is copied…

CVSS: 6.8 CWE: CWE-189 View on NVD
2010-08-05
Medium

CVE-2010-2973

Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, a…

CVSS: 6.9 CWE: CWE-264 View on NVD
Critical

CVE-2010-2862

Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a M…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-07-30
High

CVE-2010-2753

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute ar…

CVSS: 8.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Critical

CVE-2010-2752

Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attac…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-1214

Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via plugin content with many parameter el…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-06-24
Medium

CVE-2010-2065

Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file t…

CVSS: 6.8 CWE: CWE-189 View on NVD
Critical

CVE-2010-1199

Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote attackers to…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-1196

Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remot…

CVSS: 9.3 CWE: CWE-189 View on NVD
2010-06-17
Medium

CVE-2010-1411

Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow…

CVSS: 6.8 CWE: CWE-189 View on NVD
High

CVE-2010-1380

Integer overflow in the cgtexttops CUPS filter in Printing in Apple Mac OS X 10.6 before 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via…

CVSS: 7.5 CWE: CWE-189 View on NVD
2010-06-15
Critical

CVE-2010-2183

Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a differ…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-2181

Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a differ…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-2170

Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a differ…

CVSS: 9.3 CWE: CWE-189 View on NVD
Critical

CVE-2010-2054

Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 through 1.3.7, when the configuration sets httpMaxContentLength to a zero value, allows remote attackers to cause a denial of serv…

CVSS: 10.0 CWE: CWE-189 View on NVD
2010-06-01
Medium

CVE-2009-4881

Integer overflow in the __vstrfmon_l function in stdlib/strfmon_l.c in the strfmon implementation in the GNU C Library (aka glibc or libc6) before 2.10.1 allows context-dependent attackers to cause a…

CVSS: 5.0 CWE: CWE-189 View on NVD
Medium

CVE-2009-4880

Multiple integer overflows in the strfmon implementation in the GNU C Library (aka glibc or libc6) 2.10.1 and earlier allow context-dependent attackers to cause a denial of service (memory consumptio…

CVSS: 5.0 CWE: CWE-189 View on NVD
2010-05-27
Medium

CVE-2010-1634

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment,…

CVSS: 5.0 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2010-1449

Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerabilit…

CVSS: 7.5 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD