Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-2895

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-19 Aug, 2011 | 17:00
Updated At-06 Aug, 2024 | 23:15
Rejected At-
Credits

The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:19 Aug, 2011 | 17:00
Updated At:06 Aug, 2024 | 23:15
Rejected At:
▼CVE Numbering Authority (CNA)

The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.apple.com/HT205635
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2011-1154.html
vendor-advisory
x_refsource_REDHAT
http://www.ubuntu.com/usn/USN-1191-1
vendor-advisory
x_refsource_UBUNTU
http://www.openwall.com/lists/oss-security/2011/08/10/10
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=725760
x_refsource_CONFIRM
http://secunia.com/advisories/45544
third-party-advisory
x_refsource_SECUNIA
https://support.apple.com/HT205637
x_refsource_CONFIRM
http://support.apple.com/kb/HT5130
x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
vendor-advisory
x_refsource_APPLE
http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
vendor-advisory
x_refsource_MANDRIVA
http://www.securityfocus.com/bid/49124
vdb-entry
x_refsource_BID
http://secunia.com/advisories/45599
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-1155.html
vendor-advisory
x_refsource_REDHAT
http://securitytracker.com/id?1025920
vdb-entry
x_refsource_SECTRACK
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html
vendor-advisory
x_refsource_SUSE
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
vendor-advisory
x_refsource_APPLE
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html
vendor-advisory
x_refsource_SUSE
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
vendor-advisory
x_refsource_APPLE
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html
mailing-list
x_refsource_MLIST
http://secunia.com/advisories/46127
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/45986
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2011-1161.html
vendor-advisory
x_refsource_REDHAT
http://www.redhat.com/support/errata/RHSA-2011-1834.html
vendor-advisory
x_refsource_REDHAT
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
vdb-entry
x_refsource_XF
http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html
vendor-advisory
x_refsource_APPLE
http://secunia.com/advisories/45568
third-party-advisory
x_refsource_SECUNIA
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html
mailing-list
x_refsource_MLIST
https://support.apple.com/HT205641
x_refsource_CONFIRM
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc
vendor-advisory
x_refsource_NETBSD
https://support.apple.com/HT205640
x_refsource_CONFIRM
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
x_refsource_CONFIRM
http://secunia.com/advisories/48951
third-party-advisory
x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
vendor-advisory
x_refsource_APPLE
http://support.apple.com/kb/HT5281
x_refsource_CONFIRM
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
vendor-advisory
x_refsource_APPLE
http://www.debian.org/security/2011/dsa-2293
vendor-advisory
x_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=727624
x_refsource_CONFIRM
Hyperlink: https://support.apple.com/HT205635
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1154.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.ubuntu.com/usn/USN-1191-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.openwall.com/lists/oss-security/2011/08/10/10
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=725760
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/45544
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://support.apple.com/HT205637
Resource:
x_refsource_CONFIRM
Hyperlink: http://support.apple.com/kb/HT5130
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.securityfocus.com/bid/49124
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/45599
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1155.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://securitytracker.com/id?1025920
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://secunia.com/advisories/46127
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/45986
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1161.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1834.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17
Resource:
x_refsource_CONFIRM
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://secunia.com/advisories/45568
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: https://support.apple.com/HT205641
Resource:
x_refsource_CONFIRM
Hyperlink: http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc
Resource:
vendor-advisory
x_refsource_NETBSD
Hyperlink: https://support.apple.com/HT205640
Resource:
x_refsource_CONFIRM
Hyperlink: http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/48951
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://support.apple.com/kb/HT5281
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.debian.org/security/2011/dsa-2293
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=727624
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://support.apple.com/HT205635
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-1154.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.ubuntu.com/usn/USN-1191-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.openwall.com/lists/oss-security/2011/08/10/10
mailing-list
x_refsource_MLIST
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=725760
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/45544
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://support.apple.com/HT205637
x_refsource_CONFIRM
x_transferred
http://support.apple.com/kb/HT5130
x_refsource_CONFIRM
x_transferred
http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.securityfocus.com/bid/49124
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/45599
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-1155.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://securitytracker.com/id?1025920
vdb-entry
x_refsource_SECTRACK
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html
mailing-list
x_refsource_MLIST
x_transferred
http://secunia.com/advisories/46127
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/45986
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-1161.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-1834.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17
x_refsource_CONFIRM
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
vdb-entry
x_refsource_XF
x_transferred
http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://secunia.com/advisories/45568
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html
mailing-list
x_refsource_MLIST
x_transferred
https://support.apple.com/HT205641
x_refsource_CONFIRM
x_transferred
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc
vendor-advisory
x_refsource_NETBSD
x_transferred
https://support.apple.com/HT205640
x_refsource_CONFIRM
x_transferred
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/48951
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://support.apple.com/kb/HT5281
x_refsource_CONFIRM
x_transferred
http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.debian.org/security/2011/dsa-2293
vendor-advisory
x_refsource_DEBIAN
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=727624
x_refsource_CONFIRM
x_transferred
Hyperlink: https://support.apple.com/HT205635
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1154.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-1191-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2011/08/10/10
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=725760
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/45544
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://support.apple.com/HT205637
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://support.apple.com/kb/HT5130
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/49124
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/45599
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1155.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://securitytracker.com/id?1025920
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://secunia.com/advisories/46127
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/45986
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1161.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1834.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://secunia.com/advisories/45568
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: https://support.apple.com/HT205641
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc
Resource:
vendor-advisory
x_refsource_NETBSD
x_transferred
Hyperlink: https://support.apple.com/HT205640
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/48951
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://support.apple.com/kb/HT5281
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.debian.org/security/2011/dsa-2293
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=727624
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:19 Aug, 2011 | 17:55
Updated At:11 Apr, 2025 | 00:51

The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x before 5.1.1, FreeType 2.1.9, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows context-dependent attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to CVE-2006-1168 and CVE-2011-2896.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
freetype
freetype
>>freetype>>2.1.9
cpe:2.3:a:freetype:freetype:2.1.9:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>Versions up to 1.4.3(inclusive)
cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.2.0
cpe:2.3:a:x:libxfont:1.2.0:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.2.1
cpe:2.3:a:x:libxfont:1.2.1:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.2.2
cpe:2.3:a:x:libxfont:1.2.2:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.2.3
cpe:2.3:a:x:libxfont:1.2.3:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.2.4
cpe:2.3:a:x:libxfont:1.2.4:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.2.5
cpe:2.3:a:x:libxfont:1.2.5:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.2.6
cpe:2.3:a:x:libxfont:1.2.6:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.2.7
cpe:2.3:a:x:libxfont:1.2.7:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.2.8
cpe:2.3:a:x:libxfont:1.2.8:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.2.9
cpe:2.3:a:x:libxfont:1.2.9:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.3.0
cpe:2.3:a:x:libxfont:1.3.0:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.3.1
cpe:2.3:a:x:libxfont:1.3.1:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.3.2
cpe:2.3:a:x:libxfont:1.3.2:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.3.3
cpe:2.3:a:x:libxfont:1.3.3:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.3.4
cpe:2.3:a:x:libxfont:1.3.4:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.4.0
cpe:2.3:a:x:libxfont:1.4.0:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.4.1
cpe:2.3:a:x:libxfont:1.4.1:*:*:*:*:*:*:*
X.Org Foundation
x
>>libxfont>>1.4.2
cpe:2.3:a:x:libxfont:1.4.2:*:*:*:*:*:*:*
FreeBSD Foundation
freebsd
>>freebsd>>*
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
NetBSD
netbsd
>>netbsd>>*
cpe:2.3:o:netbsd:netbsd:*:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>Versions up to 3.7(inclusive)
cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>2.0
cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>2.1
cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>2.2
cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>2.3
cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>2.4
cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>2.5
cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>2.6
cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>2.7
cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>2.8
cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>2.9
cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>3.0
cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>3.1
cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>3.2
cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>3.3
cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>3.4
cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>3.5
cpe:2.3:o:openbsd:openbsd:3.5:*:*:*:*:*:*:*
OpenBSD
openbsd
>>openbsd>>3.6
cpe:2.3:o:openbsd:openbsd:3.6:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0secalert@redhat.com
Patch
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.ascsecalert@redhat.com
N/A
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.htmlsecalert@redhat.com
N/A
http://lists.apple.com/archives/security-announce/2012/May/msg00001.htmlsecalert@redhat.com
N/A
http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.htmlsecalert@redhat.com
N/A
http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.htmlsecalert@redhat.com
N/A
http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.htmlsecalert@redhat.com
N/A
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.htmlsecalert@redhat.com
N/A
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.htmlsecalert@redhat.com
Patch
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.htmlsecalert@redhat.com
Patch
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.htmlsecalert@redhat.com
N/A
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.htmlsecalert@redhat.com
N/A
http://secunia.com/advisories/45544secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/45568secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/45599secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/45986secalert@redhat.com
N/A
http://secunia.com/advisories/46127secalert@redhat.com
N/A
http://secunia.com/advisories/48951secalert@redhat.com
N/A
http://securitytracker.com/id?1025920secalert@redhat.com
N/A
http://support.apple.com/kb/HT5130secalert@redhat.com
N/A
http://support.apple.com/kb/HT5281secalert@redhat.com
N/A
http://www.debian.org/security/2011/dsa-2293secalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2011:153secalert@redhat.com
N/A
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17secalert@redhat.com
N/A
http://www.openwall.com/lists/oss-security/2011/08/10/10secalert@redhat.com
N/A
http://www.redhat.com/support/errata/RHSA-2011-1154.htmlsecalert@redhat.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1155.htmlsecalert@redhat.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1161.htmlsecalert@redhat.com
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1834.htmlsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/49124secalert@redhat.com
N/A
http://www.ubuntu.com/usn/USN-1191-1secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=725760secalert@redhat.com
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=727624secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/69141secalert@redhat.com
N/A
https://support.apple.com/HT205635secalert@redhat.com
N/A
https://support.apple.com/HT205637secalert@redhat.com
N/A
https://support.apple.com/HT205640secalert@redhat.com
N/A
https://support.apple.com/HT205641secalert@redhat.com
N/A
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0af854a3a-2127-422b-91ae-364da2661108
Patch
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.ascaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2012/May/msg00001.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/45544af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/45568af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/45599af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/45986af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/46127af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/48951af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1025920af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT5130af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.apple.com/kb/HT5281af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2011/dsa-2293af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDVSA-2011:153af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2011/08/10/10af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2011-1154.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1155.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1161.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1834.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/49124af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/USN-1191-1af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=725760af854a3a-2127-422b-91ae-364da2661108
Patch
https://bugzilla.redhat.com/show_bug.cgi?id=727624af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/69141af854a3a-2127-422b-91ae-364da2661108
N/A
https://support.apple.com/HT205635af854a3a-2127-422b-91ae-364da2661108
N/A
https://support.apple.com/HT205637af854a3a-2127-422b-91ae-364da2661108
N/A
https://support.apple.com/HT205640af854a3a-2127-422b-91ae-364da2661108
N/A
https://support.apple.com/HT205641af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/45544
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/45568
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/45599
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/45986
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/46127
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/48951
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://securitytracker.com/id?1025920
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT5130
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT5281
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2011/dsa-2293
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2011/08/10/10
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1154.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1155.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1161.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1834.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/49124
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1191-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=725760
Source: secalert@redhat.com
Resource:
Patch
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=727624
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://support.apple.com/HT205635
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://support.apple.com/HT205637
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://support.apple.com/HT205640
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://support.apple.com/HT205641
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=d11ee5886e9d9ec610051a206b135a4cdc1e09a0
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-007.txt.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00001.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00002.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2015/Dec/msg00005.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001721.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://lists.freedesktop.org/archives/xorg-announce/2011-August/001722.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00019.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/45544
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/45568
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/45599
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/45986
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/46127
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/48951
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1025920
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT5130
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.apple.com/kb/HT5281
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2011/dsa-2293
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:153
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/compress/zopen.c#rev1.17
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2011/08/10/10
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1154.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1155.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1161.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-1834.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/49124
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/USN-1191-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=725760
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=727624
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/69141
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://support.apple.com/HT205635
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://support.apple.com/HT205637
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://support.apple.com/HT205640
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://support.apple.com/HT205641
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

2757Records found
CVE-2014-9662
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-2.74% / 85.40%
||
7 Day CHG~0.00%
Published-08 Feb, 2015 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

cff/cf2ft.c in FreeType before 2.5.4 does not validate the return values of point-allocation functions, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted OTF font.

Action-Not Available
Vendor-freetypen/aopenSUSEFedora ProjectDebian GNU/LinuxCanonical Ltd.
Product-fedoraopensuseubuntu_linuxfreetypedebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9663
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.90% / 82.47%
||
7 Day CHG~0.00%
Published-08 Feb, 2015 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The tt_cmap4_validate function in sfnt/ttcmap.c in FreeType before 2.5.4 validates a certain length field before that field's value is completely calculated, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted cmap SFNT table.

Action-Not Available
Vendor-freetypen/aopenSUSERed Hat, Inc.Fedora ProjectDebian GNU/LinuxOracle CorporationCanonical Ltd.
Product-enterprise_linux_serversolarisenterprise_linux_hpc_nodefedoraopensuseenterprise_linux_hpc_node_eusubuntu_linuxenterprise_linux_desktopenterprise_linux_server_eusfreetypeenterprise_linux_workstationdebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9656
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-1.79% / 82.00%
||
7 Day CHG~0.00%
Published-08 Feb, 2015 | 11:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font.

Action-Not Available
Vendor-freetypen/aopenSUSEFedora ProjectDebian GNU/LinuxCanonical Ltd.
Product-fedoraopensuseubuntu_linuxfreetypedebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-8611
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.11% / 30.43%
||
7 Day CHG~0.00%
Published-18 Sep, 2015 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.

Action-Not Available
Vendor-n/aApple Inc.FreeBSD Foundation
Product-freebsdiphone_osmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-1997
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.73% / 71.72%
||
7 Day CHG~0.00%
Published-15 Jun, 2013 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions.

Action-Not Available
Vendor-n/aX.Org Foundation
Product-libx11n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1274
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-50.12% / 97.74%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds Array Access Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-officeexcel_viewerexcelopen_xml_file_format_converteroffice_compatibility_packn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10433
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.1||HIGH
EPSS-0.17% / 38.41%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, TOCTOU vulnerability during SSD image decryption may cause memory corruption.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaremdm9640_firmwaresd_412sd_820asd_617_firmwaresd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaresd_615sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaresd_210sd_820_firmwaremdm9645mdm9645_firmwaresd_650sd_820sd_808sd_450_firmwaresd_800sd_410sd_617sd_400_firmwaresd_820a_firmwaresd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sd_412_firmwaremdm9635msd_430sd_410_firmwaresd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2011-1707
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-20.33% / 95.31%
||
7 Day CHG~0.00%
Published-09 Jun, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url.

Action-Not Available
Vendor-n/aNovell
Product-iprintn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1279
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-43.53% / 97.42%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds WriteAV Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-open_xml_file_format_converterofficeexceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1336
Matching Score-4
Assigner-JPCERT/CC
ShareView Details
Matching Score-4
Assigner-JPCERT/CC
CVSS Score-9.3||HIGH
EPSS-7.87% / 91.66%
||
7 Day CHG~0.00%
Published-07 Jul, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ALZip 8.21 and earlier allows remote attackers to execute arbitrary code via a crafted mim file.

Action-Not Available
Vendor-estsoftn/a
Product-alzipn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1276
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-56.69% / 98.04%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Excel spreadsheet, related to improper validation of record information, aka "Excel Buffer Overrun Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-officeexcel_viewerexcelopen_xml_file_format_converteroffice_compatibility_packn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2009-4243
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-0.85% / 73.98%
||
7 Day CHG~0.00%
Published-25 Jan, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allow remote attackers to have an unspecified impact via a crafted media file that uses HTTP chunked transfer coding, related to an "overflow."

Action-Not Available
Vendor-n/aRealNetworks LLCMicrosoft CorporationApple Inc.
Product-realplayer_sprealplayer_enterprisewindowsrealplayerhelix_playermac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0978
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-81.36% / 99.13%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-office_compatibility_packofficeexcelexcel_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1403
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-12.27% / 93.60%
||
7 Day CHG~0.00%
Published-11 Jun, 2010 | 17:28
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during the handling of a use element in an SVG document, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted document containing XML that triggers a parsing error, related to ProcessInstruction.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-10239
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.73%
||
7 Day CHG~0.00%
Published-16 May, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability could potentially occur.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm Products
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2011-1270
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-35.49% / 96.93%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Buffer Overrun RCE Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-powerpointn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1703
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-10.86% / 93.11%
||
7 Day CHG~0.00%
Published-09 Jun, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url.

Action-Not Available
Vendor-n/aNovell
Product-iprintn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1512
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-18.23% / 94.95%
||
7 Day CHG~0.00%
Published-31 May, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR.

Action-Not Available
Vendor-autonomyn/aIBM Corporation
Product-keyviewlotus_notesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1702
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-7.80% / 91.62%
||
7 Day CHG~0.00%
Published-09 Jun, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url.

Action-Not Available
Vendor-n/aNovell
Product-iprintn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1273
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-50.08% / 97.74%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Improper Record Parsing Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-officeexcel_viewerexcelopen_xml_file_format_converteroffice_compatibility_packn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1719
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-16.64% / 94.66%
||
7 Day CHG~0.00%
Published-27 Apr, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the Web Viewer ActiveX controls in CA Output Management Web Viewer 11.0 and 11.5 allow remote attackers to execute arbitrary code via (1) a long SRC property value to the PPSViewer ActiveX control in PPSView.ocx before 1.0.0.7 or (2) a long Title property value to the UOMWV_Helper ActiveX control in UOMWV_HelperActiveX.ocx before 11.5.0.1.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-output_management_web_viewern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1277
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-50.20% / 97.75%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-open_xml_file_format_converterofficeexceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1243
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-43.84% / 97.44%
||
7 Day CHG~0.00%
Published-13 Apr, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Windows Messenger ActiveX control in msgsc.dll in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via unspecified vectors that "corrupt the system state," aka "Microsoft Windows Messenger ActiveX Control Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_xpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1288
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.73%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1216
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-18.88% / 95.06%
||
7 Day CHG~0.00%
Published-31 May, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.

Action-Not Available
Vendor-n/aIBM Corporation
Product-lotus_notesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1275
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-9.3||HIGH
EPSS-50.12% / 97.74%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 20:21
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Heap Overwrite Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-open_xml_file_format_converterofficeexceln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1708
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-10.86% / 93.11%
||
7 Day CHG~0.00%
Published-09 Jun, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie.

Action-Not Available
Vendor-n/aNovell
Product-iprintn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1218
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-8.46% / 92.00%
||
7 Day CHG~0.00%
Published-31 May, 2011 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in kvarcve.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .zip attachment, aka SPR PRAD8E3NSP. NOTE: some of these details are obtained from third party information.

Action-Not Available
Vendor-autonomyn/aIBM Corporation
Product-keyviewlotus_notesn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1797
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.3||HIGH
EPSS-1.41% / 79.76%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-chromium_projectn/aMicrosoft CorporationApple Inc.
Product-windows_7chromiumwebkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1065
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-4.50% / 88.70%
||
7 Day CHG~0.00%
Published-22 Feb, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI Player 2.8.0.0 allow remote attackers to execute arbitrary code via long arguments to the (1) PlayURL or (2) PlayURLWithLocalPlayer methods.

Action-Not Available
Vendor-pipin/a
Product-pipi_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1453
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.73%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-1704
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-10.86% / 93.11%
||
7 Day CHG~0.00%
Published-09 Jun, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted core-package parameter in a printer-url.

Action-Not Available
Vendor-n/aNovell
Product-iprintn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-5193
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-55.76% / 98.00%
||
7 Day CHG~0.00%
Published-31 Aug, 2012 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit parameter.

Action-Not Available
Vendor-viscomsoftn/a
Product-image_viewer_cp_pro_sdkimage_viewer_cp_gold_sdkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0340
Matching Score-4
Assigner-Flexera Software LLC
ShareView Details
Matching Score-4
Assigner-Flexera Software LLC
CVSS Score-9.3||HIGH
EPSS-47.35% / 97.61%
||
7 Day CHG~0.00%
Published-04 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the ISSymbol ActiveX control in ISSymbol.ocx 61.6.0.0 and 301.1009.2904.0 in the ISSymbol virtual machine, as distributed in Advantech Studio 6.1 SP6 61.6.01.05, InduSoft Web Studio before 7.0+SP1, and InduSoft Thin Client 7.0, allow remote attackers to execute arbitrary code via a long (1) InternationalOrder, (2) InternationalSeparator, or (3) LogFileName property value; or (4) a long bstrFileName argument to the OpenScreen method.

Action-Not Available
Vendor-indusoftn/aAdvantech (Advantech Co., Ltd.)
Product-thin_clientweb_studioadvantech_studion/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0566
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-7.75% / 91.59%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted image, a different vulnerability than CVE-2011-0567 and CVE-2011-0603.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0578
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-3.13% / 86.34%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors related to a constructor for an unspecified ActionScript3 object and improper type checking, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0500
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-66.21% / 98.46%
||
7 Day CHG~0.00%
Published-20 Jan, 2011 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in VideoSpirit Pro 1.6.8.1, 1.68, and earlier; and VideoSpirit Lite 1.4.0.1 and possibly other versions; allows user-assisted remote attackers to execute arbitrary code via a VideoSpirit project (.visprj) file containing a valitem element with a long "value" attribute, as demonstrated using a valitem with the mp3 name.

Action-Not Available
Vendor-verytoolsn/a
Product-videospirit_litevideospirit_pron/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0241
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-7.72% / 91.57%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in ImageIO in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with CCITT Group 4 encoding.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7imageiowindows_xpwindows_vistasafarin/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0225
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.73%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-22710
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-7.8||HIGH
EPSS-0.70% / 71.07%
||
7 Day CHG~0.00%
Published-11 Mar, 2021 | 20:26
Updated-03 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could cause remote code execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.

Action-Not Available
Vendor-n/a
Product-interactive_graphical_scada_systemInteractive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0563
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.80% / 90.16%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0222
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-48.52% / 97.67%
||
7 Day CHG-10.38%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0232
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-3.31% / 86.73%
||
7 Day CHG~0.00%
Published-21 Jul, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2011-07-20-1.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7webkitwindows_xpwindows_vistasafarimac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0607
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.57% / 84.97%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0560
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.48% / 93.66%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-22711
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.74%
||
7 Day CHG~0.00%
Published-11 Mar, 2021 | 20:23
Updated-03 Aug, 2024 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-119:Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Interactive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior, which could result in arbitrary read or write conditions when malicious CGF (Configuration Group File) file is imported to IGSS Definition due to missing validation of input data.

Action-Not Available
Vendor-n/a
Product-interactive_graphical_scada_systemInteractive Graphical SCADA System (IGSS) Definition (Def.exe) V15.0.0.21041 and prior
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0250
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-5.70% / 90.06%
||
7 Day CHG~0.00%
Published-04 Aug, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7quicktimewindows_xpwindows_vistamac_os_xmac_os_x_servern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0273
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-9.3||HIGH
EPSS-13.18% / 93.87%
||
7 Day CHG~0.00%
Published-25 Jan, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in crs.exe in HP OpenView Storage Data Protector Cell Manager 6.11 allows remote attackers to execute arbitrary code via unspecified message types.

Action-Not Available
Vendor-n/aHP Inc.
Product-openview_storage_data_protector_cell_managern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0620
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.85% / 90.20%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0619, CVE-2011-0621, and CVE-2011-0622.

Action-Not Available
Vendor-n/aMicrosoft CorporationLinux Kernel Organization, IncGoogle LLCOracle CorporationApple Inc.Adobe Inc.
Product-linux_kernelwindowssolarisandroidflash_playermac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0246
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-9.3||HIGH
EPSS-4.25% / 88.36%
||
7 Day CHG~0.00%
Published-04 Aug, 2011 | 01:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Apple QuickTime before 7.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.
Product-windows_7windows_xpquicktimewindows_vistan/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 55
  • 56
  • Next
Details not found