Vulnerabilities > Resource Management Errors

DATE CVE VULNERABILITY TITLE RISK
2008-09-16 CVE-2008-3613 Resource Management Errors vulnerability in Apple mac OS X 10.5.2/10.5.3/10.5.4
Finder in Apple Mac OS X 10.5.2 through 10.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving a search for a remote disk on the local network.
low complexity
apple CWE-399
6.1
6.1
2008-09-16 CVE-2008-3608 Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted JPEG image with an embedded ICC profile.
network
apple CWE-399
critical
 9.3
9.3
2008-09-16 CVE-2008-2332 Resource Management Errors vulnerability in Apple mac OS X and mac OS X Server
ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted TIFF image.
network
apple CWE-399
critical
 9.3
9.3
2008-09-11 CVE-2008-3912 Resource Management Errors vulnerability in multiple products
libclamav in ClamAV before 0.94 allows attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to an out-of-memory condition.
network
low complexity
clamav debian CWE-399
5.0
5.0
2008-09-11 CVE-2008-3632 Resource Management Errors vulnerability in Apple Iphone, Iphone OS and Ipod Touch
Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Sheets (CSS) import statements.
network
apple CWE-399
critical
 9.3
9.3
2008-09-11 CVE-2008-3629 Resource Management Errors vulnerability in Apple Quicktime
Apple QuickTime before 7.5.5 allows remote attackers to cause a denial of service (application crash) via a crafted PICT image that triggers an out-of-bounds read. 		4.3
4.3
2008-09-11 CVE-2008-3628 Resource Management Errors vulnerability in Apple Quicktime
Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, related to an "invalid pointer issue."
network
apple microsoft CWE-399
critical
 9.3
9.3
2008-09-11 CVE-2008-3627 Resource Management Errors vulnerability in Apple Quicktime
Apple QuickTime before 7.5.5 does not properly handle (1) MDAT atoms in MP4 video files within QuickTimeH264.qtx, (2) MDAT atoms in mov video files within QuickTimeH264.scalar, and (3) AVC1 atoms in an unknown media type within an unspecified component, which allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption and application crash) via a crafted, H.264 encoded movie file.
network
apple CWE-399
critical
 9.3
9.3
2008-09-11 CVE-2008-3615 Resource Management Errors vulnerability in Apple Quicktime
ir50_32.qtx in an unspecified third-party Indeo v5 codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, accesses uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
network
apple microsoft CWE-399
critical
 9.3
9.3
2008-09-11 CVE-2008-3013 Resource Management Errors vulnerability in Microsoft products
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a malformed GIF image file containing many extension markers for graphic control extensions and subsequent unknown labels, aka "GDI+ GIF Parsing Vulnerability."
network
microsoft CWE-399
critical
 9.3
9.3