79 matches found
UBUNTU-CVE-2014-4698
Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments...
Apple Safari 1.x Large JavaScript Array Handling Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9815/info Apple Safari Web Browser is reported to be prone to a security vulnerability related to handling of large JavaScript arrays with 99999999999999999999999 or 0x23000000 elements. By declaring such an array and the...
CVE-2014-1514
vm/TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of servi...
(Pwn2Own) Microsoft Internet Explorer VML Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Microsoft Remote Desktop Protocol Channel Abort Condition Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft's Remote Desktop Protocol. Authentication is not required to exploit this vulnerability. The specific flaw exists during handling of an error while loading elements into an array. This...
Design/Logic Flaw
The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a large number of variables, related to improper handling of array variables. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4885...
Mozilla Foundation Security Advisory 2010-02
Mozilla Foundation Security Advisory 2010-02 Title: Web Worker Array Handling Heap Corruption Vulnerability Impact: Critical Announced: February 17, 2010 Reporter: Orlando Barrera II Products: Firefox, SeaMonkey Fixed in: Firefox 3.6 Firefox 3.5.8 Firefox 3.0.18 SeaMonkey 2.0.3 Description Securi...
FreeBSD : mozilla -- multiple vulnerabilities (f82c85d8-1c6e-11df-abb2-000f20797ede)
Mozilla Project reports : MFSA 2010-05 XSS hazard using SVG document and binary Content-Type MFSA 2010-04 XSS due to window.dialogArguments being readable cross-domain MFSA 2010-03 Use-after-free crash in HTML parser MFSA 2010-02 Web Worker Array Handling Heap Corruption Vulnerability MFSA 2010-0...
Web Worker Array Handling Heap Corruption Vulnerability — Mozilla
Security researcher Orlando Barrera II of SecTheory reported, via TippingPoint's Zero Day Initiative, that Mozilla's implementation of Web Workers contained an error in its handling of array data types when processing posted messages. This error could be used by an attacker to corrupt heap memory...
RedHat Update for ruby RHSA-2008:0561-01
Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0561-01 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
CentOS Update for ruby CESA-2008:0562-01 centos2 i386
Check for the Version of ruby OpenVAS Vulnerability Test CentOS Update for ruby CESA-2008:0562-01 centos2 i386 Authors: System Generated Check Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
[SECURITY] [DSA 1618-1] New ruby1.9 packages fix several vulnerabilities
Debian Security Advisory DSA-1618-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 26, 2008 http://www.debian.org/security/faq -...
DSA-1618-1 ruby1.9 - several vulnerabilities
Bulletin has no description...
Debian DSA-1612-1 : ruby1.8 - several vulnerabilities
Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-2662 Drew Yao discovered that multiple...
DSA-1612-1 ruby1.8 - several vulnerabilities
Bulletin has no description...
Moderate: Red Hat Security Advisory: ruby security update
Updated ruby packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ruby is an interpreted scripting language for quick and easy object-oriented...
Opera web browser large JavaScript array handling vulnerability
The remote host is using Opera - an alternative web browser. This version is vulnerable to an issue when handling large JavaScript arrays. In particular, it is possible to crash the browser when performing various operations on Array objects with 99999999999999999999999 or 0x23000000 elements. Th...
Internet Explorer help
None None...