Vulnerabilities > Resource Management Errors
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-03-06 | CVE-2014-0707 | Resource Management Errors vulnerability in Cisco products Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID CSCuf80681. | 7.8 |
2014-03-06 | CVE-2014-0706 | Resource Management Errors vulnerability in Cisco products Cisco Wireless LAN Controller (WLC) devices 7.2 before 7.2.115.2, 7.3, and 7.4 before 7.4.110.0 allow remote attackers to cause a denial of service (device restart) via a crafted 802.11 Ethernet frame, aka Bug ID CSCue87929. | 7.8 |
2014-03-06 | CVE-2014-0705 | Resource Management Errors vulnerability in Cisco products The multicast listener discovery (MLD) service on Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, 7.4 before 7.4.121.0, and 7.5, when MLDv2 Snooping is enabled, allows remote attackers to cause a denial of service (device restart) via a malformed IPv6 MLDv2 packet, aka Bug ID CSCuh74233. | 7.1 |
2014-03-06 | CVE-2014-0704 | Resource Management Errors vulnerability in Cisco products The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before 7.0.250.0, 7.1, 7.2, and 7.3, when IGMPv3 Snooping is enabled, allows remote attackers to cause a denial of service (memory over-read and device restart) via a crafted field in an IGMPv3 message, aka Bug ID CSCuh33240. | 7.1 |
2014-03-06 | CVE-2014-0701 | Resource Management Errors vulnerability in Cisco Wireless LAN Controller Software Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4.110.0 do not properly deallocate memory, which allows remote attackers to cause a denial of service (reboot) by sending WebAuth login requests at a high rate, aka Bug ID CSCuf52361. | 7.8 |
2014-03-05 | CVE-2013-6664 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in the FormAssociatedElement::formRemovedFromTree function in core/html/FormAssociatedElement.cpp in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving FORM elements, as demonstrated by use of the speech-recognition feature. | 7.5 |
2014-03-05 | CVE-2013-6663 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in the SVGImage::setContainerSize function in core/svg/graphics/SVGImage.cpp in the SVG implementation in Blink, as used in Google Chrome before 33.0.1750.146, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the resizing of a view. | 7.5 |
2014-02-26 | CVE-2012-2134 | Resource Management Errors vulnerability in Martin Nagy Bind-Dyndb-Ldap The handle_connection_error function in ldap_helper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service (infinite loop and named server hang) via a non-alphabet character in the base DN in an LDAP search DNS query. | 4.3 |
2014-02-26 | CVE-2013-7332 | Resource Management Errors vulnerability in Microsoft Windows 8 and Windows 8.1 The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 5.0 |
2014-02-24 | CVE-2013-6658 | Resource Management Errors vulnerability in Google Chrome Multiple use-after-free vulnerabilities in the layout implementation in Blink, as used in Google Chrome before 33.0.1750.117, allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving (1) running JavaScript code during execution of the updateWidgetPositions function or (2) making a call into a plugin during execution of the updateWidgetPositions function. | 7.5 |