Vulnerabilities > Data Processing Errors
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-03-09 | CVE-2015-2239 | Data Processing Errors vulnerability in Google Chrome Google Chrome before 41.0.2272.76, when Instant Extended mode is used, does not properly consider the interaction between the "1993 search" features and restore-from-disk RELOAD transitions, which makes it easier for remote attackers to spoof the address bar for a search-results page by leveraging (1) a compromised search engine or (2) an XSS vulnerability in a search engine, a different vulnerability than CVE-2015-1231. | 4.3 |
2015-03-06 | CVE-2015-0598 | Data Processing Errors vulnerability in Cisco IOS and IOS XE The RADIUS implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted IPv6 Attributes in Access-Accept packets, aka Bug IDs CSCur84322 and CSCur27693. | 6.8 |
2015-02-25 | CVE-2015-0819 | Data Processing Errors vulnerability in multiple products The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking attacks by leveraging access to a UI Tour web site. | 4.3 |
2015-02-21 | CVE-2015-0618 | Data Processing Errors vulnerability in Cisco Carrier Routing System and IOS XR Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (line-card reload) via malformed IPv6 packets with extension headers, aka Bug ID CSCuq95241. | 7.1 |
2015-02-18 | CVE-2015-0621 | Data Processing Errors vulnerability in Cisco Telepresence MCU 4500 Series Software 4.5(1.45) Cisco TelePresence MCU devices with software 4.5(1.45) allow remote attackers to cause a denial of service (device reload) via an unspecified series of TCP packets, aka Bug ID CSCur50347. | 7.8 |
2015-02-15 | CVE-2015-1574 | Data Processing Errors vulnerability in Google Email 4.2.2.0200 The Google Email application 4.2.2.0200 for Android allows remote attackers to cause a denial of service (persistent application crash) via a "Content-Disposition: ;" header in an e-mail message. | 5.0 |
2015-02-11 | CVE-2015-0060 | Data Processing Errors vulnerability in Microsoft products The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly scale fonts, which allows local users to cause a denial of service (system hang) via a crafted application, aka "Windows Font Driver Denial of Service Vulnerability." | 4.7 |
2015-01-30 | CVE-2014-8835 | Data Processing Errors vulnerability in Apple mac OS X 10.10.0/10.10.1 The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a dictionary's Attributes key has the xpc_data data type, which allows attackers to execute arbitrary code by providing a crafted dictionary to sysmond, related to an "XPC type confusion" issue. | 9.3 |
2015-01-30 | CVE-2014-8826 | Data Processing Errors vulnerability in Apple mac OS X LaunchServices in Apple OS X before 10.10.2 does not properly handle file-type metadata, which allows attackers to bypass the Gatekeeper protection mechanism via a crafted JAR archive. | 5.0 |
2015-01-30 | CVE-2014-8822 | Data Processing Errors vulnerability in Apple mac OS X IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service (write to kernel memory) via a crafted app that calls an unspecified user-client method. | 10.0 |