Vulnerabilities > Resource Management Errors
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-08-24 | CVE-2008-7061 | Resource Management Errors vulnerability in Google Chrome 0.2.149.29 The tooltip manager (chrome/views/tooltip_manager.cc) in Google Chrome 0.2.149.29 Build 1798 and possibly other versions before 0.2.149.30 allows remote attackers to cause a denial of service (CPU consumption or crash) via a tag with a long title attribute, which is not properly handled when displaying a tooltip, a different vulnerability than CVE-2008-6994. | 4.3 |
| 2009-08-24 | CVE-2008-7053 | Resource Management Errors vulnerability in Logmein Ractrl.Dll LogMeIn Remote Access Utility ActiveX control (RACtrl.dll) allows remote attackers to cause a denial of service (crash) by setting the fgcolor and bgcolor properties to certain long values that trigger memory corruption. | 9.3 |
| 2009-08-24 | CVE-2009-2953 | Resource Management Errors vulnerability in Mozilla Firefox Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote attackers to cause a denial of service (CPU consumption) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715. | 5.0 |
| 2009-08-21 | CVE-2009-2473 | Resource Management Errors vulnerability in Webdav Neon 0.28.6 neon before 0.28.6, when expat is used, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 4.3 |
| 2009-08-21 | CVE-2009-2694 | Resource Management Errors vulnerability in multiple products The msn_slplink_process_msg function in libpurple/protocols/msn/slplink.c in libpurple, as used in Pidgin (formerly Gaim) before 2.5.9 and Adium 1.3.5 and earlier, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by sending multiple crafted SLP (aka MSNSLP) messages to trigger an overwrite of an arbitrary memory location. | 10.0 |
| 2009-08-19 | CVE-2009-2858 | Resource Management Errors vulnerability in IBM DB2 8.1 Memory leak in the Security component in IBM DB2 8.1 before FP18 on Unix platforms allows attackers to cause a denial of service (memory consumption) via unspecified vectors, related to private memory within the DB2 memory structure. | 5.0 |
| 2009-08-19 | CVE-2009-2740 | Resource Management Errors vulnerability in CA Host-Based Intrusion Prevention System 8.1 kmxIds.sys before 7.3.1.18 in CA Host-Based Intrusion Prevention System (HIPS) 8.1 allows remote attackers to cause a denial of service (system crash) via a malformed packet. | 5.0 |
| 2009-08-19 | CVE-2008-7011 | Resource Management Errors vulnerability in multiple products The Unreal engine, as used in Unreal Tournament 3 1.3, Unreal Tournament 2003 and 2004, Dead Man's Hand, Pariah, WarPath, Postal2, and Shadow Ops, allows remote authenticated users to cause a denial of service (server exit) via multiple file downloads from the server, which triggers an assertion failure when the Closing flag in UnChan.cpp is set. network low complexity digital-extreme epic-games groove-games human-head-studios red-mercury whiptail-interactive CWE-399 | 4.0 |
| 2009-08-12 | CVE-2009-0562 | Resource Management Errors vulnerability in Microsoft ISA Server, Office and Office web Components The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office Small Business Accounting 2006 does not properly allocate memory, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger "system state" corruption, aka "Office Web Components Memory Allocation Vulnerability." | 9.3 |
| 2009-08-11 | CVE-2009-0687 | Resource Management Errors vulnerability in multiple products The pf_test_rule function in OpenBSD Packet Filter (PF), as used in OpenBSD 4.2 through 4.5, NetBSD 5.0 before RC3, MirOS 10 and earlier, and MidnightBSD 0.3-current allows remote attackers to cause a denial of service (panic) via crafted IP packets that trigger a NULL pointer dereference during translation, related to an IPv4 packet with an ICMPv6 payload. | 7.8 |