Vulnerabilities > Resource Management Errors
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-11-01 | CVE-2008-4869 | Resource Management Errors vulnerability in Ffmpeg FFmpeg 0.4.9, as used by MPlayer, allows context-dependent attackers to cause a denial of service (memory consumption) via unknown vectors, aka a "Tcp/udp memory leak." | 10.0 |
| 2008-10-31 | CVE-2008-4800 | Resource Management Errors vulnerability in Microsoft Debug Diagnostic Tool The DebugDiag ActiveX control in CrashHangExt.dll, possibly 1.0, in Microsoft Debug Diagnostic Tool allows remote attackers to cause a denial of service (NULL pointer dereference and Internet Explorer 6.0 crash) via a large negative integer argument to the GetEntryPointForThread method. | 5.0 |
| 2008-10-23 | CVE-2008-3817 | Resource Management Errors vulnerability in Cisco products Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator." | 7.8 |
| 2008-10-22 | CVE-2008-4685 | Resource Management Errors vulnerability in Wireshark Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception. | 5.0 |
| 2008-10-22 | CVE-2008-4684 | Resource Management Errors vulnerability in Wireshark packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector. | 4.3 |
| 2008-10-22 | CVE-2008-4683 | Resource Management Errors vulnerability in Wireshark The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call. | 5.0 |
| 2008-10-22 | CVE-2008-4680 | Resource Management Errors vulnerability in Wireshark packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB). | 4.3 |
| 2008-10-22 | CVE-2008-4678 | Resource Management Errors vulnerability in IBM Websphere Application Server The HTTP_Request_Parser method in the HTTP Transport component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.31 allows remote attackers to cause a denial of service (controller 0C4 abend and application hang) via a long HTTP Host header, related to "storage overlay" on the stack and a "parse failure." | 7.8 |
| 2008-10-20 | CVE-2008-4610 | Resource Management Errors vulnerability in Mplayer MPlayer allows remote attackers to cause a denial of service (application crash) via (1) a malformed AAC file, as demonstrated by lol-vlc.aac; or (2) a malformed Ogg Media (OGM) file, as demonstrated by lol-ffplay.ogm, different vectors than CVE-2007-6718. | 5.0 |
| 2008-10-15 | CVE-2008-4023 | Resource Management Errors vulnerability in Microsoft Windows 2000 Active Directory in Microsoft Windows 2000 SP4 does not properly allocate memory for (1) LDAP and (2) LDAPS requests, which allows remote attackers to execute arbitrary code via a crafted request, aka "Active Directory Overflow Vulnerability." | 10.0 |