Vulnerabilities > Opensuse > Opensuse > 12.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-07-15 | CVE-2013-2765 | Null Pointer Dereference vulnerability in multiple products The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header. | 5.0 |
2013-06-15 | CVE-2013-2064 | Numeric Errors vulnerability in multiple products Integer overflow in X.org libxcb 1.9 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the read_packet function. | 6.8 |
2013-06-15 | CVE-2013-1987 | Numeric Errors vulnerability in multiple products Multiple integer overflows in X.org libXrender 0.9.7 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XRenderQueryFilters, (2) XRenderQueryFormats, and (3) XRenderQueryPictIndexValues functions. | 6.8 |
2013-06-09 | CVE-2013-4082 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet. | 5.0 |
2013-06-09 | CVE-2013-4081 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet. | 5.0 |
2013-06-09 | CVE-2013-4079 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. | 5.0 |
2013-06-09 | CVE-2013-4078 | Improper Input Validation vulnerability in multiple products epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.0 |
2013-06-09 | CVE-2013-4077 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c. | 5.0 |
2013-06-09 | CVE-2013-4076 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.0 |
2013-06-09 | CVE-2013-4075 | Resource Management Errors vulnerability in multiple products epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.0 |