Vulnerabilities > Integer Overflow or Wraparound

DATE CVE VULNERABILITY TITLE RISK
2009-04-17 CVE-2009-0946 Integer Overflow OR Wraparound vulnerability in multiple products
Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.
7.5
2009-03-23 CVE-2009-0723 Integer Overflow or Wraparound vulnerability in multiple products
Multiple integer overflows in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file that triggers a heap-based buffer overflow.
network
gimp mozilla sun littlecms CWE-190
critical
9.3
2008-11-01 CVE-2008-4864 Integer Overflow or Wraparound vulnerability in Python
Multiple integer overflows in imageop.c in the imageop module in Python 1.5.2 through 2.5.1 allow context-dependent attackers to break out of the Python VM and execute arbitrary code via large integer values in certain arguments to the crop function, leading to a buffer overflow, a different vulnerability than CVE-2007-4965 and CVE-2008-1679.
network
low complexity
python CWE-190
7.5
2008-10-15 CVE-2008-4019 Integer Overflow or Wraparound vulnerability in Microsoft products
Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file containing a formula within a cell, aka "Formula Parsing Vulnerability."
network
microsoft CWE-190
critical
9.3
2008-10-15 CVE-2008-1446 Integer Overflow OR Wraparound vulnerability in Microsoft Internet Information Services
Integer overflow in the Internet Printing Protocol (IPP) ISAPI extension in Microsoft Internet Information Services (IIS) 5.0 through 7.0 on Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, and Server 2008 allows remote authenticated users to execute arbitrary code via an HTTP POST request that triggers an outbound IPP connection from a web server to a machine operated by the attacker, aka "Integer Overflow in IPP Service Vulnerability."
network
low complexity
microsoft CWE-190
critical
9.0
2008-06-24 CVE-2008-2663 Integer Overflow OR Wraparound vulnerability in multiple products
Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725.
network
low complexity
ruby-lang debian canonical CWE-190
critical
10.0
2007-09-18 CVE-2007-2834 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the TIFF parser in OpenOffice.org (OOo) before 2.3; and Sun StarOffice 6, 7, and 8 Office Suite (StarSuite); allows remote attackers to execute arbitrary code via a TIFF file with crafted values of unspecified length fields, which triggers allocation of an incorrect amount of memory, resulting in a heap-based buffer overflow.
network
apache sun debian canonical CWE-190
critical
9.3
2007-07-10 CVE-2006-4519 Integer Overflow or Wraparound vulnerability in Gimp
Multiple integer overflows in the image loader plug-ins in GIMP before 2.2.16 allow user-assisted remote attackers to execute arbitrary code via crafted length values in (1) DICOM, (2) PNM, (3) PSD, (4) PSP, (5) Sun RAS, (6) XBM, and (7) XWD files.
network
gimp CWE-190
6.8
2007-07-04 CVE-2007-2949 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the seek_to_and_unpack_pixeldata function in the psd.c plugin in Gimp 2.2.15 allows remote attackers to execute arbitrary code via a crafted PSD file that contains a large (1) width or (2) height value.
6.8
2007-05-08 CVE-2007-0221 Integer Overflow OR Wraparound vulnerability in Microsoft Exchange Server 2000
Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability."
network
low complexity
microsoft CWE-190
7.8