Vulnerabilities > Resource Management Errors
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-01-07 | CVE-2010-4669 | Resource Management Errors vulnerability in Microsoft products The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Windows 7 allows remote attackers to cause a denial of service (CPU consumption and system hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package. | 7.8 |
| 2010-12-30 | CVE-2010-4623 | Resource Management Errors vulnerability in IBM Tivoli Access Manager for E-Business 6.1.1 WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions. | 4.0 |
| 2010-12-30 | CVE-2010-4352 | Resource Management Errors vulnerability in D-Bus Project D-Bus Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants. | 2.1 |
| 2010-12-30 | CVE-2010-4161 | Resource Management Errors vulnerability in multiple products The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2.6.18 in Red Hat Enterprise Linux (RHEL) 5 allows attackers to cause a denial of service (deadlock and system hang) by sending UDP traffic to a socket that has a crafted socket filter, a related issue to CVE-2010-4158. | 4.9 |
| 2010-12-22 | CVE-2010-4594 | Resource Management Errors vulnerability in IBM Lotus Mobile Connect The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly process TCP connection requests, which allows remote attackers to cause a denial of service (memory consumption and HTTP-AS hang) by making many connection requests that trigger "queue size delta errors," related to a "timing hole" issue. | 4.3 |
| 2010-12-22 | CVE-2010-4593 | Resource Management Errors vulnerability in IBM Lotus Mobile Connect The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain reference count, which allows remote authenticated users to cause a denial of service (IP address exhaustion) by making invalid attempts to establish sessions with the same VPN ID from multiple devices. | 4.0 |
| 2010-12-22 | CVE-2010-4592 | Resource Management Errors vulnerability in IBM Lotus Mobile Connect The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS) is enabled, does not properly handle failed attempts at establishing HTTP-TCP sessions, which allows remote attackers to cause a denial of service (memory consumption and daemon crash) by making many TCP connection attempts. | 4.3 |
| 2010-12-22 | CVE-2010-3971 | Resource Management Errors vulnerability in Microsoft Internet Explorer 7/8 Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a self-referential @import rule in a stylesheet, aka "CSS Memory Corruption Vulnerability." | 9.3 |
| 2010-12-22 | CVE-2009-2189 | Resource Management Errors vulnerability in Apple products The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of (1) Router Advertisement and (2) Neighbor Discovery packets, which allows remote attackers to cause a denial of service (resource consumption and device restart) by sending many packets. | 6.1 |
| 2010-12-17 | CVE-2010-4336 | Resource Management Errors vulnerability in Collectd The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a timestamp whose value is 10 or less, as demonstrated by creating RRD files using the (1) RRDtool and (2) RRDCacheD plugins. | 5.0 |