71 matches found
CVE-2016-4089
Technical details for CVE-2016-4089 are not publicly available in the provided connected documents. No affected product/version or exploit information is documented here; monitor for updates.
CVE-2016-1063
Technical details for CVE-2016-1063 are not publicly provided in the connected documents. The supplied sources do not specify affected products, versions, root cause, or remediation beyond the general description. Monitor for updates.
Memory corruption
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4080, CVE-2014-4089, and CVE-2014-4091...
Memory corruption
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-4080, CVE-2014-4089, and CVE-2014-4102...
CVE-2014-4089
CVE-2014-4089 concerns memory corruption in Microsoft Internet Explorer 10 and 11 caused by loading a crafted web site, enabling remote code execution or a denial of service. Affected product: Internet Explorer 10/11; vulnerable component: IE memory handling leading to memory corruption. Impact, ...
Microsoft Internet Explorer Memory Corruption (MS14-052: CVE-2014-4089)
A remote code execution vulnerability has been reported in Microsoft Internet Explorer. The vulnerability is due to an error in the way that Internet Explorer accesses an object that has not been correctly initialized or has been deleted. A remote attacker can exploit this issue by enticing a use...
CVE-2011-4089
The CVE-2011-4089 entry concerns the bzexe command in bzip2 1.0.5 and earlier. The vulnerability arises because extraction does not properly handle temporary files, allowing a local attacker to execute arbitrary code by precreating a temporary directory. Affected component: bzexe (bzip2). Root ca...
CVE-2012-4089
The CVE-2012-4089 issue affects Cisco Unified Computing System fabric interconnects (FI) via its MCTOOLS command. The root cause is improper input validation in MCTOOLS, enabling an authenticated, local attacker with local/shell-level/debug-level OS access to inject commands and execute arbitrary...
[USN-1308-1] bzip2 vulnerability
========================================================================== Ubuntu Security Notice USN-1308-1 December 14, 2011 bzip2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...
CVE-2011-4089
creationtimestamp| type| source ---|---|--- 2011-11-23 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/18147...
CVE-2011-4089
The bzexe command in bzip2 1.0.5 and earlier generates compressed executables that do not properly handle temporary files during extraction, which allows local users to execute arbitrary code by precreating a temporary directory...
SuSE 11.1 Security Update : freetype2 (SAT Patch Number 4089)
Specially crafted font files could crash applications that use freetype2 to render the fonts. CVE-2010-3814 / CVE-2010-3855 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself i...
Adobe Shockwave Player Memory Corruption Vulnerability - CVE-2010-4089
Dear List, I'm writing on behalf of the Check Point Vulnerability Discovery Team to publish the following vulnerability. Check Point Software Technologies - Vulnerability Discovery Team VDT http://www.checkpoint.com/defense/ Memory corruption when Adobe Shockwave Player parses .dir media file...
CVE-2010-4089
CVE-2010-4089 affects Adobe Shockwave Player, where IML32.dll can memory-corrupt via a crafted .dir file containing duplicated LCSM entries in an mmap record. This enables arbitrary code execution or a denial of service. Affected versions are Shockwave Player prior to 11.5.9.615. Remediation: upg...
CVE-2010-4089
IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a .dir file containing "duplicated LCSM entries in mmap record," a different vulnerability than CVE-2010-4087...
Shockwave Player < 11.5.9.615
The remote Windows host contains a version of Adobe's Shockwave Player that is earlier than 11.5.9.615. Such versions are potentially affected by the following issues : - A memory corruption issue exists that could lead to code execution. Note that there are reports this issue is being exploited ...
CVE-2009-4089
Telepark.wiki versions 2.4.23 and earlier are affected. Affected component: ajax/deletePage.php (modified pageID) allows deletion of arbitrary pages; ajax/deleteComment.php (modified pageID) allows deletion of arbitrary comments. Root cause: insufficient access control in Telepark.wiki web endpoi...
CVE-2009-4089
telepark.wiki 2.4.23 and earlier allows remote attackers to bypass authorization and 1 delete arbitrary pages via a modified pageID parameter to ajax/deletePage.php or 2 delete arbitrary comments via a modified pageID parameter to ajax/deleteComment.php...
CVE-2009-4089
creationtimestamp| type| source ---|---|--- 2009-08-24 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/9483 2009-11-16 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/10101...
Gentoo Security Advisory GLSA 200608-24 (AlsaPlayer)
The remote host is missing updates announced in advisory GLSA 200608-24. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...