Vulnerabilities > Resource Management Errors
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-02-11 | CVE-2012-0452 | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Use-after-free vulnerability in Mozilla Firefox 10.x before 10.0.1, Thunderbird 10.x before 10.0.1, and SeaMonkey 2.7 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger failure of an nsXBLDocumentInfo::ReadPrototypeBindings function call, related to the cycle collector's access to a hash table containing a stale XBL binding. | 7.5 |
2012-02-02 | CVE-2011-3450 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server CoreUI in Apple Mac OS X 10.7.x before 10.7.3 does not properly restrict the allocation of stack memory, which allows remote attackers to execute arbitrary code or cause a denial of service (memory consumption and application crash) via a long URL. | 6.8 |
2012-02-02 | CVE-2011-3449 | Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server Use-after-free vulnerability in CoreText in Apple Mac OS X before 10.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted embedded font in a document. | 6.8 |
2012-02-02 | CVE-2011-2393 | Resource Management Errors vulnerability in multiple products The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD, NetBSD, and possibly other BSD-based operating systems allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, a similar vulnerability to CVE-2010-4670. | 7.8 |
2012-01-27 | CVE-2011-3626 | Resource Management Errors vulnerability in multiple products Double free vulnerability in the prepare_exec function in src/exec.c in Logsurfer 1.5b and earlier, and Logsurfer+ 1.7 and earlier, allows remote attackers to execute arbitrary commands via crafted strings in a log file. | 7.5 |
2012-01-20 | CVE-2012-0904 | Resource Management Errors vulnerability in Videolan VLC Media Player 1.1.11 VLC media player 1.1.11 allows remote attackers to cause a denial of service (crash) via a long string in an amr file. | 4.3 |
2012-01-18 | CVE-2012-0781 | Resource Management Errors vulnerability in PHP 5.3.8 The tidy_diagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153. | 5.0 |
2012-01-15 | CVE-2011-4868 | Resource Management Errors vulnerability in ISC Dhcp The logging functionality in dhcpd in ISC DHCP before 4.2.3-P2, when using Dynamic DNS (DDNS) and issuing IPv6 addresses, does not properly handle the DHCPv6 lease structure, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via crafted packets related to a lease-status update. | 6.1 |
2012-01-13 | CVE-2011-4057 | Resource Management Errors vulnerability in Wibu Codemeter Runtime 4.10B/4.20A/4.30C Wibu-Systems AG CodeMeter Runtime 4.30c, 4.10b, and possibly other versions before 4.40 allows remote attackers to cause a denial of service (CodeMeter.exe crash) via certain crafted packets to TCP port 22350. | 5.0 |
2012-01-06 | CVE-2012-0027 | Resource Management Errors vulnerability in Openssl The GOST ENGINE in OpenSSL before 1.0.0f does not properly handle invalid parameters for the GOST block cipher, which allows remote attackers to cause a denial of service (daemon crash) via crafted data from a TLS client. | 5.0 |