CVE-2006-6143

HIGH Year: 2006
CVSS v2 Score
9.3
Critical
Weakness Type
CWE-824
View all →

Vulnerability Description

The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

Related Vulnerabilities

CVE-2017-12561

CRITICAL
CVSS:9.8(Critical)

A remote code execution vulnerability in HPE intelligent Management Center (iMC) PLAT version Plat 7.3 E0504P4 and earlier was found.

CWE-8242017

CVE-2018-11743

CRITICAL
CVSS:9.8(Critical)

The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and applic...

CWE-8242018

CVE-2018-14356

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.

CWE-8242018

CVE-2020-11138

CRITICAL
CVSS:9.8(Critical)

Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi...

CWE-8242020

CVE-2020-17446

CRITICAL
CVSS:9.8(Critical)

asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, because of access to an uninitialized poin...

CWE-8242020

CVE-2020-25573

CRITICAL
CVSS:9.8(Critical)

An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint.

CWE-8242020