CVE-2005-3409

CVE-2005-3409 - OpenVPN 2.x before 2.0.4, when running in TCP mode, allows remote attackers to cause a denial of service (segmentation fault) by forcing the accept function call to return an error status, which leads to a null dereference in an exception handler. ...
4 years ago

CVE-2010-3409 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1824. Reason: This candidate is a duplicate of CVE-2010-1824. Notes: All CVE users should reference CVE-2010-1824 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-2021-3409 - The patch for CVE-2020-17380/CVE-2020-25085 was found to be ineffective, thus making QEMU vulnerable to the out-of-bounds read/write access issues previously found in the SDHCI controller emulation code. This flaw allows a malicious privileged guest ...
2 years ago

CVE-2022-3409 - A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. This vulnerability was identified during mitigation for CVE-2022-2809. When fuzzing the multipart_parser code using AFL++ with address sanitizer enabled to find ...
2 years ago

CVE-2009-3409 - Unspecified vulnerability in the PeopleSoft Enterprise HCM (TAM) component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 9.0 Bundle 10 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. ...
12 years ago

CVE-2013-3409 - The portal in Cisco Prime Central for Hosted Collaboration Solution (HCS) places cleartext credentials in temporary files, which allows local users to obtain sensitive information by leveraging weak file permissions to read these files, aka Bug IDs ...
11 years ago

CVE-2006-3409 - Integer overflow in Tor before 0.1.1.20 allows remote attackers to execute arbitrary code via crafted large inputs, which result in a buffer overflow when elements are added to smartlists. ...
7 years ago

CVE-2014-3409 - The Ethernet Connectivity Fault Management (CFM) handling feature in Cisco IOS 12.2(33)SRE9a and earlier and IOS XE 3.13S and earlier allows remote attackers to cause a denial of service (device reload) via malformed CFM packets, aka Bug ID ...
7 years ago

CVE-2015-3409 - Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan horse Text::Diff module. <a ...
7 years ago

CVE-2008-3409 - Buffer overflow in Unreal Tournament 3 1.3beta4 and earlier allows remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via a UDP packet containing a large value in a certain size ...
1 year ago

CVE-2007-3409 - Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service (stack consumption) via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop. ...
1 year ago

CVE-2012-3409 - ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation ...
5 years ago

CVE-2016-3409 - Cross-site scripting (XSS) vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka bug 102637. ...
4 years ago

CVE-2019-3409 - All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE product are impacted by command injection vulnerability. Due to inadequate parameter verification, unauthorized users can take advantage of this vulnerability to control the user ...
4 years ago

CVE-2020-3409 - A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. ...
2 years ago

CVE-2017-3409 - Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable ...
5 years ago

CVE-2020-25747 - The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. Thus, the attacker can watch live streams from the ...
3 years ago

CVE-2020-25749 - The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system ...
4 years ago

CVE-2020-25748 - A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). Someone in the middle can intercept and modify the video data from the camera, which is transmitted in an unencrypted form. ...
4 years ago

CVE-2011-3409 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none ...
55 years ago Tenable.com

CVE-2005-0067 - The original design of TCP does not require that port numbers be assigned randomly (aka "Port randomization"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as ...
16 years ago

CVE-2005-0065 - The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it ...
16 years ago

CVE-2005-0066 - The original design of TCP does not check that the TCP Acknowledgement number in an ICMP error message generated by an intermediate router is within the range of possible values for data that has already been acknowledged (aka "TCP ...
1 year ago

CVE-2005-0068 - The original design of ICMP does not require authentication for host-generated ICMP error messages, which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) ...
16 years ago

CVE-2005-4531 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2005-3345. Reason: This candidate is a duplicate of CVE-2005-3345. CVE-2005-3345 had already been assigned, but not published, before this candidate was created. Notes: All CVE users ...
55 years ago Tenable.com