National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): "integer overflow"
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 3 matching records.
Vuln ID Summary CVSS Severity

Pillow before 3.3.2 allows context-dependent attackers to obtain sensitive information by using the "crafted image file" approach, related to an "Integer Overflow" issue affecting the Image.core.map_buffer in map.c component.

Published: November 04, 2016; 06:59:09 AM -04:00
V3.0: 5.5 MEDIUM
    V2: 4.3 MEDIUM

The ipalloc function in libc/stdlib/malloc.c in jemalloc in libc for FreeBSD 6.4 and NetBSD does not properly allocate memory, which makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, related to "integer rounding and overflow" errors.

Published: July 25, 2012; 03:55:01 PM -04:00
    V2: 5.0 MEDIUM

Oracle 10g R2 and possibly other versions allows remote attackers to trigger internal errors, and possibly have other impacts, via an "alter session set events" command with invalid arguments. NOTE: this issue was originally disputed by a third party, but the dispute was retracted. NOTE: this issue was called an "integer overflow" in the original source, but this might be incorrect.

Published: March 02, 2007; 04:18:00 PM -05:00
    V2: 6.0 MEDIUM