Vulnerabilities > Resource Management Errors

DATE CVE VULNERABILITY TITLE RISK
2006-12-20 CVE-2006-4814 Resource Management Errors vulnerability in Linux Kernel
The mincore function in the Linux kernel before 2.4.33.6 does not properly lock access to user space, which has unspecified impact and attack vectors, possibly related to a deadlock.
local
low complexity
linux CWE-399
4.6
2006-12-15 CVE-2006-6601 Resource Management Errors vulnerability in multiple products
Windows Media Player 10.00.00.4036 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service via a .MID (MIDI) file with a malformed header chunk without any track chunks, possibly involving (1) number of tracks of (2) time division fields that are set to 0.
4.3
2006-12-14 CVE-2006-6304 Resource Management Errors vulnerability in Linux Kernel 2.6.19
The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to O_EXCL but does not use it, which allows context-dependent attackers to modify arbitrary files via a rewrite attack during a core dump.
network
low complexity
linux CWE-399
7.5
2006-12-06 CVE-2006-6303 Resource Management Errors vulnerability in Yukihiro Matsumoto Ruby
The read_multipart function in cgi.rb in Ruby before 1.8.5-p2 does not properly detect boundaries in MIME multipart content, which allows remote attackers to cause a denial of service (infinite loop) via crafted HTTP requests, a different issue than CVE-2006-5467.
network
low complexity
yukihiro-matsumoto CWE-399
5.0
2006-12-05 CVE-2006-6297 Resource Management Errors vulnerability in KDE Kdegraphics 3.2/3.4.3
Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion.
network
low complexity
kde CWE-399
5.0
2006-12-05 CVE-2006-6296 Resource Management Errors vulnerability in Microsoft Windows 2000 and Windows XP
The RpcGetPrinterData function in the Print Spooler (spoolsv.exe) service in Microsoft Windows 2000 SP4 and earlier, and possibly Windows XP SP1 and earlier, allows remote attackers to cause a denial of service (memory consumption) via an RPC request that specifies a large 'offered' value (output buffer size), a variant of CVE-2005-3644.
low complexity
microsoft CWE-399
6.1
2006-11-17 CVE-2006-5966 Resource Management Errors vulnerability in Panda Activescan 5.0/5.53.00
Panda ActiveScan 5.53.00, and other versions before 5.54.01, allows remote attackers to (1) reboot the system using the Reinicializar method in the ActiveScan.1 ActiveX control, or (2) determine arbitrary file existence and size via the ObtenerTamano method in the PAVPZ.SOS.1 ActiveX control.
network
low complexity
panda CWE-399
6.4
2006-11-07 CVE-2006-5789 Resource Management Errors vulnerability in Jgaa Warftpd 1.82.00Rc11
War FTP Daemon (WarFTPd) 1.82.00-RC11 allows remote authenticated users to cause a denial of service via a large number of "%s" format strings in (1) CWD, (2) CDUP, (3) DELE, (4) NLST, (5) LIST, (6) SIZE, and possibly other commands.
network
low complexity
jgaa CWE-399
4.0
2006-11-06 CVE-2006-5757 Resource Management Errors vulnerability in Linux Kernel
Race condition in the __find_get_block_slow function in the ISO9660 filesystem in Linux 2.6.18 and possibly other versions allows local users to cause a denial of service (infinite loop) by mounting a crafted ISO9660 filesystem containing malformed data structures.
local
high complexity
linux CWE-399
1.2
2006-11-06 CVE-2006-5728 Resource Management Errors vulnerability in Dxmsoft XM Easy Personal FTP Server 4.2/4.3
XM Easy Personal FTP Server 5.2.1 and earlier allows remote authenticated users to cause a denial of service via a long argument to the NLST command, possibly involving the -al flags.
network
low complexity
dxmsoft CWE-399
4.0