Vulnerabilities > Oracle > Solaris > 10.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-12-13 | CVE-2016-5841 | Integer Overflow or Wraparound vulnerability in Imagemagick Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service (segmentation fault) or possibly execute arbitrary code via vectors involving the offset variable. | 7.5 |
2016-09-28 | CVE-2016-2776 | Improper Input Validation vulnerability in multiple products buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11.0rc3 does not properly construct responses, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted query. | 7.8 |
2015-05-14 | CVE-2015-0797 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file. | 6.8 |
2015-02-12 | CVE-2014-9512 | Link Following vulnerability in multiple products rsync 3.1.1 allows remote attackers to write to arbitrary files via a symlink attack on a file in the synchronization path. | 6.4 |
2015-02-08 | CVE-2014-9674 | Remote vulnerability in FreeType Versions Prior to 2.5.4 The Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.5.4 proceeds with adding to length values without validating the original values, which allows remote attackers to cause a denial of service (integer overflow and heap-based buffer overflow) or possibly have unspecified other impact via a crafted Mac font. | 7.5 |
2015-02-08 | CVE-2014-9672 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Array index error in the parse_fond function in base/ftmac.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information from process memory via a crafted FOND resource in a Mac font file. | 5.8 |
2015-02-08 | CVE-2014-9671 | Remote vulnerability in FreeType Versions Prior to 2.5.4 Off-by-one error in the pcf_get_properties function in pcf/pcfread.c in FreeType before 2.5.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PCF file with a 0xffffffff size value that is improperly incremented. | 4.3 |
2015-02-08 | CVE-2014-9670 | Numeric Errors vulnerability in multiple products Multiple integer signedness errors in the pcf_get_encodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (integer overflow, NULL pointer dereference, and application crash) via a crafted PCF file that specifies negative values for the first column and first row. | 4.3 |
2015-02-08 | CVE-2014-9669 | Out-of-bounds Read vulnerability in multiple products Multiple integer overflows in sfnt/ttcmap.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service (out-of-bounds read or memory corruption) or possibly have unspecified other impact via a crafted cmap SFNT table. | 6.8 |
2015-02-08 | CVE-2014-9666 | Numeric Errors vulnerability in multiple products The tt_sbit_decoder_init function in sfnt/ttsbit.c in FreeType before 2.5.4 proceeds with a count-to-size association without restricting the count value, which allows remote attackers to cause a denial of service (integer overflow and out-of-bounds read) or possibly have unspecified other impact via a crafted embedded bitmap. | 6.8 |