main/rtp.c in Asterisk Open Source 1.6.1 before 1.6.1.2 allows remote attackers to cause a denial of service (crash) via an RTP text frame without a certain delimiter, which triggers a NULL pointer dereference and the subsequent calculation of an invalid pointer.
Max CVSS
5.0
EPSS Score
9.19%
Published
2009-07-30
Updated
2017-08-17

CVE-2009-2650

Public exploit
Heap-based buffer overflow in Sorcerer Software MultiMedia Jukebox 4.0 Build 020124 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .m3u or possibly (2) .pst file.
Max CVSS
9.3
EPSS Score
96.39%
Published
2009-07-30
Updated
2017-09-19
The IATA (ata) driver in FreeBSD 6.0 and 8.0, when read access to /dev is available, allows local users to cause a denial of service (kernel panic) via a certain IOCTL request with a large count, which triggers a malloc call with a large value.
Max CVSS
4.7
EPSS Score
0.04%
Published
2009-07-30
Updated
2017-10-19
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.
Max CVSS
9.3
EPSS Score
0.09%
Published
2009-07-30
Updated
2009-08-06
Race condition in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to "pathnames for invalid fds."
Max CVSS
4.9
EPSS Score
0.04%
Published
2009-07-29
Updated
2017-09-19
Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .pdf file attachment, a different vulnerability than CVE-2008-3246 and CVE-2009-0219.
Max CVSS
9.3
EPSS Score
4.82%
Published
2009-07-28
Updated
2017-08-17
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 allows remote attackers to cause a denial of service via malformed requests including (1) "missing or mismatched protocol identifier," (2) missing or negative status value," (3) "missing version," or (4) "missing or invalid status number," related to (a) HttpMsg.cc and (b) HttpReply.cc.
Max CVSS
5.0
EPSS Score
94.72%
Published
2009-07-28
Updated
2009-08-12
Squid 3.0 through 3.0.STABLE16 and 3.1 through 3.1.0.11 does not properly enforce "buffer limits and related bound checks," which allows remote attackers to cause a denial of service via (1) an incomplete request or (2) a request with a large header size, related to (a) HttpMsg.cc and (b) client_side.cc.
Max CVSS
5.0
EPSS Score
9.52%
Published
2009-07-28
Updated
2009-08-12
src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference.
Max CVSS
5.0
EPSS Score
54.09%
Published
2009-07-29
Updated
2017-09-19
The Sun Java System (SJS) Access Manager Policy Agent module 2.2 for SJS Web Proxy Server 4.0 allows remote attackers to cause a denial of service (daemon crash) via a GET request.
Max CVSS
7.8
EPSS Score
0.23%
Published
2009-07-27
Updated
2009-07-27
Unspecified vulnerability in the Solaris Auditing subsystem in Sun Solaris 9 and 10 and OpenSolaris before snv_121, when extended file attributes are used, allows local users to cause a denial of service (panic) via vectors related to fad_aupath structure members.
Max CVSS
4.7
EPSS Score
0.04%
Published
2009-07-27
Updated
2009-07-27
Google Chrome 2.x through 2.0.172 allows remote attackers to cause a denial of service (application crash) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479.
Max CVSS
5.0
EPSS Score
0.18%
Published
2009-07-22
Updated
2018-10-10
Opera 9.52 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption, and application hang) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479.
Max CVSS
5.0
EPSS Score
0.26%
Published
2009-07-22
Updated
2018-10-10
Microsoft Internet Explorer 6.0.2900.2180 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a long Unicode string argument to the write method, a related issue to CVE-2009-2479. NOTE: it was later reported that 7.0.6000.16473 and earlier are also affected.
Max CVSS
5.0
EPSS Score
2.06%
Published
2009-07-22
Updated
2021-07-23
The Research In Motion (RIM) BlackBerry 8800 allows remote attackers to cause a denial of service (memory consumption and browser crash) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
Max CVSS
7.1
EPSS Score
0.20%
Published
2009-07-22
Updated
2009-07-23
Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
Max CVSS
7.1
EPSS Score
0.22%
Published
2009-07-21
Updated
2017-09-19
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors.
Max CVSS
5.0
EPSS Score
3.63%
Published
2009-07-21
Updated
2017-09-19
Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.41%
Published
2009-07-21
Updated
2017-09-19
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9.
Max CVSS
5.0
EPSS Score
0.34%
Published
2009-07-21
Updated
2017-09-19
Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information.
Max CVSS
5.0
EPSS Score
0.30%
Published
2009-07-21
Updated
2017-09-19
Google Chrome before 2.0.172.37 allows attackers to leverage renderer access to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors that trigger excessive memory allocation.
Max CVSS
9.3
EPSS Score
0.26%
Published
2009-07-21
Updated
2017-08-17
Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service via a join packet with a final field whose value is (1) 0, which triggers a server crash related to memory allocation, or (2) 1, which triggers CPU/memory consumption and a NULL pointer dereference.
Max CVSS
5.0
EPSS Score
0.17%
Published
2009-07-20
Updated
2009-07-21
Format string vulnerability in Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the (1) nickname and (2) datafile fields in a join request, which is not properly handled when logging an error message.
Max CVSS
10.0
EPSS Score
0.63%
Published
2009-07-20
Updated
2009-07-21
Integer underflow in Armed Assault (aka ArmA) 1.14 and earlier, and 1.16 beta, and Armed Assault II 1.02 and earlier allows remote attackers to cause a denial of service (crash) via a VoIP over Network (VON) packet to port 2305 with a negative packet_size value, which triggers a buffer over-read.
Max CVSS
5.0
EPSS Score
1.87%
Published
2009-07-20
Updated
2017-08-17
Netscape 6 and 8 allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.
Max CVSS
4.3
EPSS Score
3.01%
Published
2009-07-20
Updated
2018-10-10
107 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!