Slackware 14.0 / 14.1 / current : seamonkey (SSA:2015-246-01)

New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-246-01. The text itself is copyright...

[slackware-security] gdk-pixbuf2

New gdk-pixbuf2 packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/gdk-pixbuf2-2.28.2-i486-2slack14.1.txz: Rebuilt. Gustavo Grieco discovered a heap overflow in the processing of BM...

Hewlett-Packard LoadRunner Controller Scenario File Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability could allow attackers to execute arbitrary code on vulnerable installations of HP LoadRunner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Mozilla Firefox nsIPresShell Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the usage of...

win2003/x64 - Token Stealing shellcode - 59 bytes

;token stealing shellcode Win 2003 x64 ;based on the widely available x86 version ;syntax for NASM ;Author: Csaba Fitzl, @theevilbit ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;important structures and offsets; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;kd dt -r1 nt!TEB ; +0x110 SystemReserved1 : 54 Ptr64 Void...

Microsoft Office Memory Corruption Vulnerability (CNVD-2015-05282)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A remote code execution vulnerability exists in Microsoft Office software when the Office software fails t...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-05211)

Microsoft Internet Explorer is a popular WEB browser. A remote code execution vulnerability exists when Internet Explorer fails to properly access objects in memory. The vulnerability allows an attacker to execute arbitrary code memory corruption in the context of the current user...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-05209)

Microsoft Internet Explorer is a popular WEB browser. A remote code execution vulnerability exists when Internet Explorer fails to properly access objects in memory. The vulnerability allows an attacker to execute arbitrary code memory corruption in the context of the current user...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-05233)

Microsoft Internet Explorer is a popular WEB browser. A remote code execution vulnerability exists when Internet Explorer fails to properly access objects in memory. The vulnerability allows an attacker to execute arbitrary code memory corruption in the context of the current user...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-05234)

Microsoft Internet Explorer is a popular WEB browser. A remote code execution vulnerability exists when Internet Explorer fails to properly access objects in memory. The vulnerability allows an attacker to execute arbitrary code memory corruption in the context of the current user...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-05237)

Microsoft Internet Explorer is a popular WEB browser. A remote code execution vulnerability exists when Internet Explorer fails to properly access objects in memory. The vulnerability allows an attacker to execute arbitrary code memory corruption in the context of the current user...

Microsoft Office Memory Corruption Vulnerability (CNVD-2015-05285)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A remote code execution vulnerability exists in Microsoft Office software when the Office software fails t...

Microsoft Office Memory Corruption Vulnerability (CNVD-2015-05283)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A remote code execution vulnerability exists in Microsoft Office software when the Office software fails t...

Microsoft Office Memory Corruption Vulnerability (CNVD-2015-05284)

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A remote code execution vulnerability exists in Microsoft Office software when the Office software fails t...

Microsoft Office Integer Overflow Remote Code Execution Vulnerability

Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A security vulnerability exists when Office reduces an integer value by more than a specified minimum valu...

Microsoft Internet Explorer Memory Corruption Vulnerability (CNVD-2015-05238)

Microsoft Internet Explorer is a popular WEB browser. A remote code execution vulnerability exists when Internet Explorer fails to properly access objects in memory. The vulnerability allows an attacker to execute arbitrary code memory corruption in the context of the current user...

Microsoft Internet Explorer stack Property Descriptor Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Internet Explorer Array Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

[slackware-security] mozilla-firefox

New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/mozilla-firefox-38.1.1esr-i486-1slack14.1.txz: Upgraded. This release contains security fixes and improvements. For more...

BitTorrent Bootstrap Improper Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of BitTorrent Bootstrap. User interaction is not required to exploit this vulnerability. The specific flaw exists within the handling of arguments passed to the lazybdecode function. By sending a...