Vulnerabilities > Resource Management Errors
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-04-06 | CVE-2010-1083 | Resource Management Errors vulnerability in Linux Kernel The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, and possibly other versions, does not clear the transfer buffer before returning to userspace when a USB command fails, which might make it easier for physically proximate attackers to obtain sensitive information (kernel memory). | 4.7 |
| 2010-04-05 | CVE-2010-0177 | Resource Management Errors vulnerability in Mozilla Firefox and Seamonkey Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, frees the contents of the window.navigator.plugins array while a reference to an array element is still active, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors, related to a "dangling pointer vulnerability." | 9.3 |
| 2010-04-05 | CVE-2010-0176 | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execute arbitrary code via unspecified vectors that trigger access to deleted elements, related to a "dangling pointer vulnerability." | 9.3 |
| 2010-04-05 | CVE-2010-0175 | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors that trigger a call to the handler for the select event for XUL tree items. | 9.3 |
| 2010-04-01 | CVE-2010-1232 | Resource Management Errors vulnerability in Google Chrome Google Chrome before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error) or possibly have unspecified other impact via a malformed SVG document. | 5.0 |
| 2010-04-01 | CVE-2010-1229 | Resource Management Errors vulnerability in Google Chrome The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not properly use pointers, which has unspecified impact and attack vectors. | 10.0 |
| 2010-04-01 | CVE-2010-0770 | Resource Management Errors vulnerability in IBM Websphere Application Server IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0.0.9 allows remote authenticated users to cause a denial of service (ORB ListenerThread hang) by aborting an SSL handshake. | 4.0 |
| 2010-03-31 | CVE-2010-0491 | Resource Management Errors vulnerability in Microsoft products Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory Corruption Vulnerability." | 9.3 |
| 2010-03-31 | CVE-2010-0531 | Resource Management Errors vulnerability in Apple Itunes Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file. | 4.3 |
| 2010-03-31 | CVE-2010-1188 | Resource Management Errors vulnerability in Linux Kernel Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel 2.6 before 2.6.20, when IPV6_RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service (kernel panic) via a SYN packet while the socket is in a listening (TCP_LISTEN) state, which is not properly handled and causes the skb structure to be freed. | 7.1 |