8284 matches found
MS KB2927432: Visual Studio Update 2 for Debug Interface Access SDK
The version of the Microsoft Debug Interface Access Library on the remote host is affected by a memory corruption vulnerability related to parsing PDB files. An attacker could exploit this issue by tricking a user into loading a malicious file. This could allow an attacker to execute arbitrary co...
Memory corruption
msdia.dll in Microsoft Debug Interface Access DIA SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service...
CVE-2014-3802
msdia.dll in Microsoft Debug Interface Access DIA SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service...
CVE-2014-3802
The CVE-2014-3802 issue affects msdia.dll (Microsoft Debug Interface Access Library) in Visual Studio prior to 2013. The root cause is a failure to validate an unspecified variable when calculating a dynamic-call address while parsing PDB files, leading to memory corruption. Impact per sources: r...
CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...
CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...
DEBIAN-CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...
CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...
Microsoft DIA SDK msdia.dll Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Debug Interface Access SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
CVE-2014-1909
CVE-2014-1909 is an integer signedness error in Android’s ADB implementation (system/core/adb/adb_client.c) affecting Android 4.4 with Platform Tools 18.0.1. Exploitation could allow an ADB server to execute arbitrary code via a negative length value that defeats a signed check and triggers a sta...
CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...
CVE-2014-1909
Integer signedness error in system/core/adb/adbclient.c in Android Debug Bridge ADB for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow...
Ubuntu 14.04 LTS : elfutils vulnerability (USN-2188-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2188-1 advisory. Florian Weimer discovered that the elfutils libdw library incorrectly handled malformed compressed debug sections in ELF files. If a user or automated system were...
USN-2188-1 elfutils vulnerability
Florian Weimer discovered that the elfutils libdw library incorrectly handled malformed compressed debug sections in ELF files. If a user or automated system were tricked into processing a specially crafted ELF file, applications linked against libdw could be made to crash, or possibly execute...
Authentication flaw
The Festo CECX-X-C1 Modular Master Controller with CoDeSys and CECX-X-M1 Modular Controller with CoDeSys and SoftMotion do not require authentication for connections to certain TCP ports, which allows remote attackers to 1 modify the configuration via a request to the debug service on port 4000 o...
UBUNTU-CVE-2014-2915
Xen 4.4.x, when running on ARM systems, does not properly restrict access to hardware features, which allows local guest users to cause a denial of service host or guest crash via unspecified vectors, related to 1 cache control, 2 coprocessors, 3 debug registers, and 4 other unspecified registers...
CVE-2014-2915
CVE-2014-2915 affects Xen 4.4.x running on ARM. The root cause is improper restriction/configuration of the hardware virtualization platform, allowing a local guest to access hardware features (cache control, coprocessors, debug registers, and other processor-specific registers). This can lead to...
[SECURITY] Fedora 19 Update: php-ZendFramework2-2.2.6-1.fc19
Zend Framework 2 is an open source framework for developing web applications and services using PHP 5.3+. Zend Framework 2 uses 100% object-oriented code and utilizes most of the new features of PHP 5.3, namely namespaces, late static binding, lambda functions and closures. Zend Framework 2 evolv...
CVE-2014-0172
Integer overflow in the checksection function in dwarfbeginelf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed compressed debug section in an ELF...
DEBIAN-CVE-2014-0172
Integer overflow in the checksection function in dwarfbeginelf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed compressed debug section in an ELF...