Vulnerabilities > Resource Management Errors
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-12 | CVE-2008-1309 | Resource Management Errors vulnerability in Realnetworks Realplayer 10.0/10.5/11 The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Console or (2) Controls property, which allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via a series of assignments of long string values, which triggers an overwrite of freed heap memory. | 9.3 |
2008-03-05 | CVE-2008-1097 | Resource Management Errors vulnerability in Imagemagick Graphicsmagick and Imagemagick Heap-based buffer overflow in the ReadPCXImage function in the PCX coder in coders/pcx.c in (1) ImageMagick 6.2.4-5 and 6.2.8-0 and (2) GraphicsMagick (aka gm) 1.1.7 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted .pcx file that triggers incorrect memory allocation for the scanline array, leading to memory corruption. | 6.8 |
2008-03-04 | CVE-2008-1141 | Resource Management Errors vulnerability in Deslock Memory leak in DLMFENC.sys 1.0.0.26 in DESlock+ 3.2.6 and earlier allows local users to cause a denial of service (kernel memory consumption) via a series of DLMFENC_IOCTL requests to \\.\DLKPFSD_Device that allocate "link list structures." | 4.9 |
2008-02-28 | CVE-2008-1071 | Resource Management Errors vulnerability in Wireshark The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. | 4.3 |
2008-02-28 | CVE-2008-0308 | Resource Management Errors vulnerability in Symantec products Symantec Decomposer, as used in certain Symantec antivirus products including Symantec Scan Engine 5.1.2 and other versions before 5.1.6.31, allows remote attackers to cause a denial of service (memory consumption) via a malformed RAR file to the Internet Content Adaptation Protocol (ICAP) port (1344/tcp). | 7.1 |
2008-02-26 | CVE-2008-0984 | Resource Management Errors vulnerability in multiple products The MP4 demuxer (mp4.c) for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file. | 9.3 |
2008-02-26 | CVE-2008-0983 | Resource Management Errors vulnerability in Lighttpd lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access. | 5.0 |
2008-02-26 | CVE-2008-0597 | Resource Management Errors vulnerability in Easy Software products Cups 1.1.17/1.1.22 Use-after-free vulnerability in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service (crash) via crafted IPP packets. | 5.0 |
2008-02-25 | CVE-2008-0979 | Resource Management Errors vulnerability in multiple products Stack consumption vulnerability in Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain packet that triggers the recursive calling of a function. | 5.0 |
2008-02-25 | CVE-2008-0977 | Resource Management Errors vulnerability in Double-Take Software Double-Take 4.5/5.0.0.2865 Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon crash) via a certain long packet that triggers an attempt to allocate a large amount of memory. | 5.0 |