Vulnerabilities > Resource Management Errors
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-05-13 | CVE-2010-1939 | Resource Management Errors vulnerability in Apple Safari 4.0.5 Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which triggers improper handling of a deleted window object. | 7.6 |
| 2010-05-12 | CVE-2010-1917 | Resource Management Errors vulnerability in PHP Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to cause a denial of service (PHP crash) via a crafted first argument to the fnmatch function, as demonstrated using a long string. | 5.0 |
| 2010-05-07 | CVE-2010-1861 | Resource Management Errors vulnerability in PHP The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, which triggers access of a freed resource. | 6.4 |
| 2010-05-06 | CVE-2010-1729 | Resource Management Errors vulnerability in Apple Safari and Webkit WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop. | 4.3 |
| 2010-05-06 | CVE-2010-1728 | Resource Management Errors vulnerability in Opera Browser Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory. | 9.3 |
| 2010-05-05 | CVE-2010-0406 | Resource Management Errors vulnerability in Openttd OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and daemon crash) by performing incomplete downloads of the map. | 4.0 |
| 2010-04-22 | CVE-2010-1320 | Resource Management Errors vulnerability in MIT Kerberos 5 Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x before 1.8.2 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a request associated with (1) renewal or (2) validation. | 4.0 |
| 2010-04-16 | CVE-2010-1460 | Resource Management Errors vulnerability in IBM Advanced Management Module The IBM BladeCenter with Advanced Management Module (AMM) firmware before bpet50g does not properly perform interrupt sharing for USB and iSCSI, which allows remote attackers to cause a denial of service (management module reboot) via TCP packets with malformed application data. | 5.0 |
| 2010-04-14 | CVE-2010-0477 | Resource Management Errors vulnerability in Microsoft Windows 7 and Windows Server 2008 The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 and (2) SMBv2 response packets, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code via a crafted packet that causes the client to read the entirety of the response, and then improperly interact with the Winsock Kernel (WSK), aka "SMB Client Message Size Vulnerability." | 10.0 |
| 2010-04-14 | CVE-2010-0236 | Resource Management Errors vulnerability in Microsoft products The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not properly allocate memory for the destination key associated with a symbolic-link registry key, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Allocation Vulnerability." | 7.2 |