UBUNTU-CVE-2017-5400

JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox 52, Firefox ESR 45.8, Thunderbird 52, and Thunderbird 45.8...

UBUNTU-CVE-2015-2877

DISPUTED Kernel Samepage Merging KSM in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS instances via a Cross-VM ASL INtrospection CAIN attack. NOTE: the vendor states...

CVE-2016-8334

A large out-of-bounds read on the heap vulnerability in Foxit PDF Reader can potentially be abused for information disclosure. Combined with another vulnerability, it can be used to leak heap memory layout and in bypassing ASLR...

DEBIAN-CVE-2015-5073

Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers to cause a denial of service crash or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an...

CVE-2015-5073

Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers to cause a denial of service crash or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an...

The vulnerability of the Internet Explorer browser, which allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The Internet Explorer browser contains a vulnerability in its ASLR component a mechanism for randomizing the address space, which is related to errors in the implementation of the address space limitation. Exploiting this vulnerability can allow a malicious actor to bypass the ASLR limitation and...

The vulnerability of the Internet Explorer browser, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

There is a vulnerability in Internet Explorer that allows attackers to circumvent the ASLR Address Space Randomization protection mechanisms, which serve to protect users from various vulnerabilities. Simply bypassing this protection does not allow the execution of arbitrary code. However,...

The vulnerability in Microsoft.NET Framework software allows a malicious attacker to compromise the confidentiality of protected information.

Vulnerability exists in the Microsoft .NET Framework, and it allows attackers to circumvent the ASLR protection mechanism, which safeguards users against a wide range of vulnerabilities. Simply bypassing the protection mechanism itself does not allow the execution of arbitrary code. However,...

The vulnerability of the Flash Player software allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability exists in the Adobe Flash Player due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...

The vulnerability of Microsoft Silverlight software allows a malicious intruder to compromise protected information.

The vulnerability exists in the security features of Silverlight due to the improper implementation of Data Execution Prevention DEP and Address Space Layout Randomization ASLR. This allows attackers to circumvent these security mechanisms by exploiting the vulnerability, enabling them to execute...

The vulnerability of Adobe Pepper Flash software for Google Chrome allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability exists in Adobe Pepper Flash for Google Chrome, due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows attackers to bypass the ASLR Address Space Layout Redirection protection mechanism...

The vulnerability of Adobe Pepper Flash software for Google Chrome allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability exists in Adobe Pepper Flash for Google Chrome, due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...

The vulnerability of the Flash Player software allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability exists in the Adobe Flash Player due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...

The vulnerability of the Microsoft .NET Framework software platform allows a malicious individual to execute arbitrary code.

The Microsoft .NET Framework contains a vulnerability related to the use of incorrect address space randomization ALSR. Exploiting this vulnerability allows a malicious actor to bypass ASLR protection and load additional malware code into the process to exploit other vulnerabilities...

The vulnerability of the Microsoft Office software allows a malicious actor to bypass the ASLR protection mechanism.

Microsoft Office software has a vulnerability related to an error that occurs due to incorrect implementation of address space randomization ASLR during the execution of the MSCOMCTL control element library. Exploiting this vulnerability allows a malicious individual to bypass the ASLR protection...

Microsoft Enhanced Mitigation Experience Toolkit Security Bypass Vulnerability

Microsoft Enhanced Mitigation Experience Toolkit is a security tool introduced in response to vulnerabilities. It protects users from attacks even when patches are not installed through technologies such as Data Execution Protection DEP, Structured Exception Handling Override Protection SEHOP, an...

Android Security Bypass Vulnerability

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. Android suffers from a security vulnerability that allows remote attackers to bypass the ASLR protection mechanism...

The vulnerability in the Internet Explorer browser allows a perpetrator to bypass the ASLR protection mechanism.

The vulnerability in the JavaScript engines of Internet Explorer lies in the lack of protection for service data. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism by using a specially crafted web page...

Microsoft Office Security Mechanism Bypass Vulnerability

Microsoft Office is a suite of office software developed by Microsoft Corporation for the Microsoft Windows and Apple Macintosh operating systems. A security bypass vulnerability exists in Microsoft Office, which can be exploited by remote attackers to bypass the ASLR protection mechanism and...

AVG Internet Security Security Bypass Vulnerability

AVG Internet Security is a suite of Internet security software from the Czech company AVG. The AVG Internet Security 2015 program protects user-mode processes by allocating memory with Read, Write, Execute RWX privileges in predictable addresses, allowing an attacker to bypass the DEP and ASLR...