CVE-2009-0847

MEDIUM Year: 2009
CVSS v2 Score
4.3
Medium
Weakness Type
CWE-189
View all →

Vulnerability Description

The asn1buf_imbed function in the ASN.1 decoder in MIT Kerberos 5 (aka krb5) 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service (application crash) via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmetic.

Related Vulnerabilities

CVE-2015-8396

CRITICAL
CVSS:10.0(Critical)

Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbitr...

CWE-1892015

CVE-2007-1383

CRITICAL
CVSS:9.8(Critical)

Integer overflow in the 16 bit variable reference counter in PHP 4 allows context-dependent attackers to execute arbitrary code by overflowing this counter, which causes the same variable to be destro...

CWE-1892007

CVE-2011-2013

CRITICAL
CVSS:9.8(Critical)

Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code by s...

CWE-1892011

CVE-2014-9766

CRITICAL
CVSS:9.8(Critical)

Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code ...

CWE-1892014

CVE-2016-0859

CRITICAL
CVSS:9.8(Critical)

Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted RPC ...

CWE-1892016

CVE-2016-10145

CRITICAL
CVSS:9.8(Critical)

Off-by-one error in coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via vectors related to a string copy.

CWE-1892016