Vulnerabilities > Debian > Debian Linux > 4.0

DATE CVE VULNERABILITY TITLE RISK
2018-11-12 CVE-2018-19200 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in uriparser before 0.9.0.
network
low complexity
uriparser-project debian CWE-476
5.0
2016-06-16 CVE-2016-3062 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
network
low complexity
libav ffmpeg debian opensuse CWE-119
8.8
2010-02-16 CVE-2009-3302 Code Injection vulnerability in multiple products
filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."
network
apache canonical debian CWE-94
critical
9.3
2010-02-16 CVE-2009-3301 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document.
network
apache canonical debian CWE-191
critical
9.3
2010-02-16 CVE-2009-2950 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file, related to LZW decompression.
network
apache canonical debian CWE-787
critical
9.3
2010-02-16 CVE-2009-2949 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.
network
apache canonical debian CWE-190
critical
9.3
2010-02-02 CVE-2009-4013 Path Traversal vulnerability in multiple products
Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24.2.1, and 2.x before 2.3.2 allow remote attackers to overwrite arbitrary files or obtain sensitive information via vectors involving (1) control field names, (2) control field values, and (3) control files of patch systems.
network
low complexity
debian canonical CWE-22
critical
9.8
2010-01-12 CVE-2009-4538 Remote Security Bypass vulnerability in Linux Kernel
drivers/net/e1000e/netdev.c in the e1000e driver in the Linux kernel 2.6.32.3 and earlier does not properly check the size of an Ethernet frame that exceeds the MTU, which allows remote attackers to have an unspecified impact via crafted packets, a related issue to CVE-2009-4537.
network
low complexity
linux debian
critical
10.0
2010-01-12 CVE-2009-4536 Numeric Errors vulnerability in Linux Kernel
drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafted payload.
network
low complexity
linux debian CWE-189
7.8
2009-09-15 CVE-2009-2629 Out-of-bounds Write vulnerability in multiple products
Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests.
network
low complexity
f5 debian fedoraproject CWE-787
7.5