|
285321
|
- |
|
xine
|
xine-lib
|
xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input value to determine the memory allocation and does not check the result for (1) the MATROSKA_ID_TR_CODECPRIVATE tra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5240
|
2018-10-12 05:54 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285322
|
- |
|
xine
|
xine-lib
|
Integer underflow in demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, allows remote attackers to cause a denial of service (crash) via a crafted media file that results in a smal…
|
CWE-189
Numeric Errors
|
CVE-2008-5241
|
2018-10-12 05:54 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285323
|
- |
|
xine
|
xine-lib
|
demux_qt.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, does not validate the count field before calling calloc for STSD_ATOM atom allocation, which allows remote attackers to cause a d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5242
|
2018-10-12 05:54 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285324
|
- |
|
xine
|
xine-lib
|
The real_parse_headers function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, relies on an untrusted input length value to "reindex into an allocated buffer," which allow…
|
CWE-20
Improper Input Validation
|
CVE-2008-5243
|
2018-10-12 05:54 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285325
|
- |
|
xine
|
xine-lib
|
The real_parse_audio_specific_data function in demux_real.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, uses an untrusted height (aka codec_data_length) value as a divisor, which allow…
|
CWE-189
Numeric Errors
|
CVE-2008-5247
|
2018-10-12 05:54 |
2008-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285326
|
- |
|
divx
|
divx_web_player
|
Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, …
|
CWE-189
Numeric Errors
|
CVE-2008-5259
|
2018-10-12 05:54 |
2009-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285327
|
- |
|
axis
|
axis_camera_control
|
Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long image_pan_tilt…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5260
|
2018-10-12 05:54 |
2009-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285328
|
- |
|
dmitry_baryshev
|
ksquirrel-libs
|
Multiple stack-based buffer overflows in the mt_codec::getHdrHead function in kernel/kls_hdr/fmt_codec_hdr.cpp in ksquirrel-libs 0.8.0 allow context-dependent attackers to execute arbitrary code via …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2008-5263
|
2018-10-12 05:54 |
2009-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285329
|
- |
|
tornado
|
tornado_knowledge_retrieval_system
|
Cross-site scripting (XSS) vulnerability in searcher.exe in Tornado Knowledge Retrieval System 4.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the p parameter in a …
|
CWE-79
Cross-site Scripting
|
CVE-2008-5264
|
2018-10-12 05:54 |
2008-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285330
|
- |
|
sun
oracle
|
java_system_application_server
glassfish_server
|
Cross-site scripting (XSS) vulnerability in configuration/httpListenerEdit.jsf in the GlassFish 2 UR2 b04 webadmin interface in Sun Java System Application Server 9.1_01 build b09d-fcs and 9.1_02 bui…
|
CWE-79
Cross-site Scripting
|
CVE-2008-5266
|
2018-10-12 05:54 |
2008-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
