CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2012(Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1251 CVE-2011-3359 119 DoS Overflow 2012-05-24 2012-05-29
5.4
None Remote High Not required None None Complete
The dma_rx function in drivers/net/wireless/b43/dma.c in the Linux kernel before 2.6.39 does not properly allocate receive buffers, which allows remote attackers to cause a denial of service (system crash) via a crafted frame.
1252 CVE-2011-3353 119 DoS Overflow 2012-05-24 2012-05-25
4.9
None Local Low Not required None None Complete
Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the ability to mount a FUSE filesystem.
1253 CVE-2011-3328 DoS 2012-01-17 2012-09-21
2.6
None Remote High Not required None None Partial
The png_handle_cHRM function in pngrutil.c in libpng 1.5.4, when color-correction support is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed PNG image containing a cHRM chunk associated with a certain zero value.
1254 CVE-2011-3295 20 DoS 2012-05-02 2012-10-29
7.8
None Remote Low Not required None None Complete
The NETIO and IPV4_IO processes in Cisco IOS XR 3.8 through 4.1, as used in Cisco Carrier Routing System and other products, allow remote attackers to cause a denial of service (CPU consumption) via crafted network traffic, aka Bug ID CSCti59888.
1255 CVE-2011-3283 20 DoS 2012-05-02 2017-12-06
5.0
None Remote Low Not required None None Partial
Cisco Carrier Routing System 3.9.1 allows remote attackers to cause a denial of service (Metro subsystem crash) via a fragmented GRE packet, aka Bug ID CSCts14887.
1256 CVE-2011-3209 189 DoS 2012-10-03 2012-10-03
4.9
None Local Low Not required None None Complete
The div_long_long_rem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service (Divide Error Fault and panic) via a clock_gettime system call.
1257 CVE-2011-3194 119 DoS Exec Code Overflow 2012-06-15 2017-08-28
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the TIFF reader in gui/image/qtiffhandler.cpp in Qt 4.7.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the TIFFTAG_SAMPLESPERPIXEL tag in a greyscale TIFF image with multiple samples per pixel.
1258 CVE-2011-3193 119 DoS Exec Code Overflow 2012-06-15 2017-08-28
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in the Lookup_MarkMarkPos function in the HarfBuzz module (harfbuzz-gpos.c), as used by Qt before 4.7.4 and Pango, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.
1259 CVE-2011-3191 189 DoS Mem. Corr. 2012-05-24 2012-05-25
10.0
None Remote Low Not required Complete Complete Complete
Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.
1260 CVE-2011-3188 DoS 2012-05-24 2016-08-22
6.8
None Remote Medium Not required Partial Partial Partial
The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which makes it easier for remote attackers to cause a denial of service (disrupted networking) or hijack network sessions by predicting these values and sending crafted packets.
1261 CVE-2011-3149 119 DoS Overflow 2012-07-22 2019-01-03
2.1
None Local Low Not required None None Partial
The _expand_arg function in the pam_env module (modules/pam_env/pam_env.c) in Linux-PAM (aka pam) before 1.1.5 does not properly handle when environment variable expansion can overflow, which allows local users to cause a denial of service (CPU consumption).
1262 CVE-2011-3148 119 DoS Exec Code Overflow 2012-07-22 2019-01-03
4.6
None Local Low Not required Partial Partial Partial
Stack-based buffer overflow in the _assemble_line function in modules/pam_env/pam_env.c in Linux-PAM (aka pam) before 1.1.5 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long string of white spaces at the beginning of the ~/.pam_environment file.
1263 CVE-2011-3146 DoS Exec Code 2012-09-05 2012-09-13
6.8
None Remote Medium Not required Partial Partial Partial
librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
1264 CVE-2011-3131 399 DoS 2012-12-13 2012-12-13
4.6
None Local Low Single system None None Complete
Xen 4.1.1 and earlier allows local guest OS kernels with control of a PCI[E] device to cause a denial of service (CPU consumption and host hang) via many crafted DMA requests that are denied by the IOMMU, which triggers a livelock.
1265 CVE-2011-3115 119 DoS Overflow 2012-05-24 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger "type corruption."
1266 CVE-2011-3114 119 DoS Overflow 2012-05-24 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Multiple buffer overflows in the PDF functionality in Google Chrome before 19.0.1084.52 allow remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger unknown function calls.
1267 CVE-2011-3113 DoS 2012-05-24 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The PDF functionality in Google Chrome before 19.0.1084.52 does not properly perform a cast of an unspecified variable during handling of color spaces, which allows remote attackers to cause a denial of service or possibly have unknown other impact via a crafted document.
1268 CVE-2011-3112 399 DoS 2012-05-24 2017-09-18
5.0
None Remote Low Not required None None Partial
Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via an invalid encrypted document.
1269 CVE-2011-3111 119 DoS Overflow 2012-05-24 2017-09-18
5.0
None Remote Low Not required None None Partial
Google V8, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (invalid read operation) via unspecified vectors.
1270 CVE-2011-3110 119 DoS Overflow 2012-05-24 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
The PDF functionality in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger out-of-bounds write operations.
1271 CVE-2011-3109 DoS 2012-05-24 2012-11-19
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 19.0.1084.52 on Linux does not properly perform a cast of an unspecified variable, which allows remote attackers to cause a denial of service or possibly have unknown other impact by leveraging an error in the GTK implementation of the UI.
1272 CVE-2011-3107 DoS 2012-05-24 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google Chrome before 19.0.1084.52 does not properly implement JavaScript bindings for plug-ins, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via unknown vectors.
1273 CVE-2011-3106 119 DoS Exec Code Overflow Mem. Corr. 2012-05-24 2017-09-18
10.0
None Remote Low Not required Complete Complete Complete
The WebSockets implementation in Google Chrome before 19.0.1084.52 does not properly handle use of SSL, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
1274 CVE-2011-3105 399 DoS 2012-05-24 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in Google Chrome before 19.0.1084.52 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the :first-letter pseudo-element.
1275 CVE-2011-3104 119 DoS Overflow 2012-05-24 2017-09-18
5.0
None Remote Low Not required None None Partial
Skia, as used in Google Chrome before 19.0.1084.52, allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
1276 CVE-2011-3103 399 DoS 2012-05-24 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
Google V8, as used in Google Chrome before 19.0.1084.52, does not properly perform garbage collection, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JavaScript code.
1277 CVE-2011-3102 189 DoS 2012-05-15 2017-12-28
6.8
None Remote Medium Not required Partial Partial Partial
Off-by-one error in libxml2, as used in Google Chrome before 19.0.1084.46 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via unknown vectors.
1278 CVE-2011-3100 DoS 2012-05-15 2017-12-28
5.0
None Remote Low Not required None None Partial
Google Chrome before 19.0.1084.46 does not properly draw dash paths, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
1279 CVE-2011-3099 399 DoS 2012-05-15 2017-12-04
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a malformed name for the font encoding.
1280 CVE-2011-3097 20 DoS 2012-05-15 2017-12-04
10.0
None Remote Low Not required Complete Complete Complete
The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an out-of-bounds write error in the implementation of sampled functions.
1281 CVE-2011-3096 399 DoS 2012-05-15 2017-12-28
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 19.0.1084.46 on Linux allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an error in the GTK implementation of the omnibox.
1282 CVE-2011-3095 20 DoS 2012-05-15 2017-12-28
10.0
None Remote Low Not required Complete Complete Complete
The OGG container in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that trigger an out-of-bounds write.
1283 CVE-2011-3094 20 DoS 2012-05-15 2017-12-28
5.0
None Remote Low Not required None None Partial
Google Chrome before 19.0.1084.46 does not properly handle Tibetan text, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
1284 CVE-2011-3093 20 DoS 2012-05-15 2017-12-28
5.0
None Remote Low Not required None None Partial
Google Chrome before 19.0.1084.46 does not properly handle glyphs, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
1285 CVE-2011-3092 20 DoS 2012-05-15 2017-12-28
10.0
None Remote Low Not required Complete Complete Complete
The regex implementation in Google V8, as used in Google Chrome before 19.0.1084.46, allows remote attackers to cause a denial of service (invalid write operation) or possibly have unspecified other impact via unknown vectors.
1286 CVE-2011-3091 399 DoS 2012-05-15 2017-12-28
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in the IndexedDB implementation in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
1287 CVE-2011-3090 362 DoS 2012-05-15 2017-12-28
7.6
None Remote High Not required Complete Complete Complete
Race condition in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to worker processes.
1288 CVE-2011-3089 399 DoS 2012-05-15 2017-12-28
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving tables.
1289 CVE-2011-3088 119 DoS Overflow 2012-05-15 2017-12-28
5.0
None Remote Low Not required None None Partial
Google Chrome before 19.0.1084.46 does not properly draw hairlines, which allows remote attackers to cause a denial of service (out-of-bounds read) via unspecified vectors.
1290 CVE-2011-3086 399 DoS 2012-05-15 2017-12-28
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element.
1291 CVE-2011-3085 119 DoS Overflow 2012-05-15 2017-12-28
5.0
None Remote Low Not required None None Partial
The Autofill feature in Google Chrome before 19.0.1084.46 does not properly restrict field values, which allows remote attackers to cause a denial of service (UI corruption) and possibly conduct spoofing attacks via vectors involving long values.
1292 CVE-2011-3083 119 DoS Overflow 2012-05-15 2017-12-28
5.0
None Remote Low Not required None None Partial
browser/profiles/profile_impl_io_data.cc in Google Chrome before 19.0.1084.46 does not properly handle a malformed ftp URL in the SRC attribute of a VIDEO element, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted web page.
1293 CVE-2011-3081 399 DoS 2012-05-01 2017-12-06
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3078.
1294 CVE-2011-3078 399 DoS 2012-05-01 2017-12-06
10.0
None Remote Low Not required Complete Complete Complete
Use-after-free vulnerability in Google Chrome before 18.0.1025.168 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the floating of elements, a different vulnerability than CVE-2011-3081.
1295 CVE-2011-3077 399 DoS 2012-04-05 2017-12-06
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving the script bindings, related to a "read-after-free" issue.
1296 CVE-2011-3076 399 DoS 2012-04-05 2017-12-06
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to focus handling.
1297 CVE-2011-3075 399 DoS 2012-04-05 2017-12-06
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to style-application commands.
1298 CVE-2011-3074 399 DoS 2012-04-05 2017-12-06
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of media.
1299 CVE-2011-3073 399 DoS 2012-04-05 2017-12-06
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of SVG resources.
1300 CVE-2011-3071 399 DoS 2012-04-05 2017-12-06
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the HTMLMediaElement implementation in Google Chrome before 18.0.1025.151 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
Total number of vulnerabilities : 1425   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 (This Page)27 28 29
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.