Vulnerabilities > Resource Management Errors
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-06-18 | CVE-2011-3671 | Resource Management Errors vulnerability in Mozilla Firefox, Seamonkey and Thunderbird Use-after-free vulnerability in the nsHTMLSelectElement function in nsHTMLSelectElement.cpp in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allows remote attackers to execute arbitrary code via vectors involving removal of the parent node of an element. | 7.5 |
2012-06-16 | CVE-2012-1502 | Resource Management Errors vulnerability in Pypam Double free vulnerability in the PyPAM_conv in PAMmodule.c in PyPam 0.5.0 and earlier allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a NULL byte in a password string. | 7.5 |
2012-06-05 | CVE-2012-1946 | Resource Management Errors vulnerability in Mozilla products Use-after-free vulnerability in the nsINode::ReplaceOrInsertBefore function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 might allow remote attackers to execute arbitrary code via document changes involving replacement or insertion of a node. | 9.3 |
2012-06-05 | CVE-2012-1940 | Resource Management Errors vulnerability in Mozilla products Use-after-free vulnerability in the nsFrameList::FirstChild function in Mozilla Firefox 4.x through 12.0, Firefox ESR 10.x before 10.0.5, Thunderbird 5.0 through 12.0, Thunderbird ESR 10.x before 10.0.5, and SeaMonkey before 2.10 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) by changing the size of a container of absolutely positioned elements in a column. | 9.3 |
2012-06-05 | CVE-2012-0920 | Resource Management Errors vulnerability in multiple products Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels concurrency." | 7.1 |
2012-05-25 | CVE-2012-2426 | Resource Management Errors vulnerability in Xarrow The server in xArrow before 3.4.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors. | 7.8 |
2012-05-24 | CVE-2011-3112 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document. | 5.0 |
2012-05-24 | CVE-2011-3108 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in Google Chrome before 19.0.1084.52 allows remote attackers to execute arbitrary code via vectors related to the browser cache. | 10.0 |
2012-05-24 | CVE-2011-3105 | Resource Management Errors vulnerability in Google Chrome Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element. | 7.5 |
2012-05-24 | CVE-2011-3103 | Resource Management Errors vulnerability in Google Chrome Google V8, as used in Google Chrome before 19.0.1084.52, does not properly perform garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code. | 7.5 |