Alexander Miller

#5840of 53,632
46.2Total CVSS
Vulnerabilities · 5
High
4
Critical
1
PT-2019-14015
9.8
2019-08-18
Adplug Team · Adplug · CVE-2019-15151
**Name of the Vulnerable Software and Affected Versions** AdPlug version 2.3.1 **Description** The issue is related to a double free in the `Cu6mPlayer` class located in `u6m.h`. **Recommendations** For AdPlug version 2.3.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2019-13784
8.8
2019-08-06
Adplug Team · Adplug · CVE-2019-14690
**Name of the Vulnerable Software and Affected Versions** AdPlug version 2.3.1 **Description** The issue is a heap-based buffer overflow in the `CxadbmfPlayer:: bmf convert stream()` function, located in `bmf.cpp`. **Recommendations** For AdPlug version 2.3.1, at the moment, there is no information about a newer version that contains a fix for this issue.
PT-2019-13785
8.8
2019-08-06
Adplug Team · Adplug · CVE-2019-14691
**Name of the Vulnerable Software and Affected Versions** AdPlug version 2.3.1 **Description** The issue is a heap-based buffer overflow in the `CdtmLoader::load()` function located in `dtm.cpp`. **Recommendations** For AdPlug version 2.3.1, consider avoiding the use of the `CdtmLoader::load()` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.
PT-2019-13786
8.8
2019-08-06
Adplug Team · Adplug · CVE-2019-14692
**Name of the Vulnerable Software and Affected Versions** AdPlug version 2.3.1 **Description** The issue is a heap-based buffer overflow in the `load()` function of the `CmkjPlayer` class, located in the `mkj.cpp` file. **Recommendations** For AdPlug version 2.3.1, consider avoiding the use of the `load()` function in the `CmkjPlayer` class until a patch is available. As a temporary workaround, restricting access to the `mkj.cpp` file or the `CmkjPlayer` class may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.
PT-2011-2052
10
2011-03-02
Mozilla · Firefox · CVE-2011-0058
**Name of the Vulnerable Software and Affected Versions** Mozilla Firefox versions prior to 3.5.17 Mozilla Firefox versions 3.6.x prior to 3.6.14 SeaMonkey versions prior to 2.0.12 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service due to memory corruption. This is achieved by constructing a long text run using a long string. **Recommendations** For Mozilla Firefox versions prior to 3.5.17, update to version 3.5.17 or later. For Mozilla Firefox versions 3.6.x prior to 3.6.14, update to version 3.6.14 or later. For SeaMonkey versions prior to 2.0.12, update to version 2.0.12 or later.