Vulnerability & Exploit Database

Displaying entries 1 - 10 of 13 in total

Results for: CVE-2009-1194 Back to search

SUSE Linux Security Advisory: SUSE-SR:2010:004 Vulnerability

  • Severity: 10
  • Published: January 08, 2010

Buffer overflow in PowerDNS Recursor before 3.1.7.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via crafted packets.

SUSE Linux Security Advisory: SUSE-SR:2010:011 Vulnerability

  • Severity: 10
  • Published: August 06, 2009

Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc funct...

SUSE Linux Security Advisory: SUSE-SA:2009:039 Vulnerability

  • Severity: 10
  • Published: July 22, 2009

The setTimeout function in Mozilla Firefox before 3.0.12 does not properly preserve object wrapping, which allows remote attackers to execute arbitrary JavaScript with chrome privileges via a crafted call, related to XPCNativeWrapper.

Mozilla Firefox Multiple Vulnerabilities Fixed in 3.0.12 and 3.5.1 Vulnerability

  • Severity: 10
  • Published: July 21, 2009

Mozilla Firefox before 3.0.12 and 3.5.1 are affected by multiple vulnerabilities:

  • Crashes with evidence of memory corruption (MFSA 2009-34). Some of these crashes showed evidence of memory corruption under certain circumstances and we presume that with enough effort at least so...

USN-773-1: Pango vulnerability Vulnerability

  • Severity: 7
  • Published: May 11, 2009

Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location val...

SUSE Linux Security Vulnerability: CVE-2009-1194 Vulnerability

  • Severity: 7
  • Published: May 11, 2009

Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location val...

MFSA2009-36 Firefox: Heap/integer overflows in font glyph rendering libraries (CVE-2009-1194) Vulnerability

  • Severity: 7
  • Published: May 11, 2009

Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location val...

RHSA-2009:0476: pango security update Vulnerability

  • Severity: 7
  • Published: May 11, 2009

Pango is a library used for the layout and rendering of internationalizedtext.Will Drewry discovered an integer overflow flaw in Pango'spango_glyph_string_set_size() function. If an attacker is able to pass anarbitrarily long string to Pango, it may be possible to execute arbitrarycode with the permissions of the application calling Pang...

ELSA-2009-0476 Important: Enterprise Linux pango security update Vulnerability

  • Severity: 7
  • Published: May 11, 2009

Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location val...

Gentoo Linux: CVE-2009-1194: Pango: Multiple vulnerabilities Vulnerability

  • Severity: 7
  • Published: May 11, 2009

Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow, as demonstrated by a long document.location val...