
3975 matches found

Hacker One
added 2015/11/13 5:26 a.m., 30 views

Uber: Mass Assignment Vulnerability in partners.uber.com

A driver can change their full name into whatever they want after they are accepted into the Uber driver program. Once the Uber driver is accepted, they can "Inspect Element" and change the profiles ... to contain the following information Same thing for last name. They will be given the...

AI score: 1.3
Exploits: 0
BDU FSTEC
added 2015/10/29 12:00 a.m., 7 views

The vulnerability of the Firebird database management system allows a perpetrator to cause a service failure.

The vulnerability of the xdr_status_vector function in the Firebird database management system is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVSS: 5, AI score: 5.4, EPSS: 0.02896
Exploits: 1, References: 6, Affected Software: 1
CERT
added 2015/10/16 12:00 a.m., 73 views

Voice over LTE implementations contain multiple vulnerabilities

Overview: Long Term Evolution (LTE) mobile networks are currently deployed through the world. These LTE mobile networks make use of full packet switching and the IP protocol, unlike previous iterations of the mobile network. This change from circuit switching to packet switching allows new attacks n...

AI score: 7
Exploits: 0, References: 3
0day.today
added 2015/09/15 12:00 a.m., 24 views

Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities

Silver Peak VX virtual appliance running VXOA before version 6.2.11 contains a number of security vulnerabilities, including command injection, unauthenticated file read, mass assignment, shell upload, and hardcoded credentials. By combining these vulnerabilities, an attacker may remotely obtain...

AI score: 7.3
Exploits: 0
exploitpack
added 2015/09/15 12:00 a.m., 29 views

Silver Peak VXOA 6.2.11 - Multiple Vulnerabilities

Silver Peak VXOA Multiple Vulnerabilities. Affected versions: Silver Peak VX 6.2.11 PDF:...

AI score: 0.5
Exploits: 0
Exploit DB
added 2015/09/15 12:00 a.m., 31 views

Silver Peak VXOA < 6.2.11 - Multiple Vulnerabilities

Silver Peak VXOA Multiple Vulnerabilities. Affected versions: Silver Peak VX 6.2.11 PDF:...

AI score: 7.4
Exploits: 0
RedHat Linux
added 2015/08/25 7:30 a.m., 3 views

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-90)

The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment...

CVSS: 7.5, AI score: 7.5, EPSS: 0.03636
Exploits: 0, References: 5
NVD
added 2015/08/16 1:59 a.m., 19 views

CVE-2015-4488

Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator= self assignment...

CVSS: 7.5, AI score: 9.4, EPSS: 0.03825
Exploits: 0, References: 21
CVE
added 2015/08/16 1:00 a.m., 119 views

CVE-2015-4488

CVE-2015-4488 is a use-after-free vulnerability in Mozilla Firefox’s StyleAnimationValue class (StyleAnimationValue::operator= self assignment) that could allow a remote attacker to trigger memory corruption and potentially arbitrary code execution or a crash. Affected products: Mozilla Firefox be...

CVSS: 7.5, AI score: 6.6, EPSS: 0.03825
Exploits: 0, References: 21, Affected Software: 1
ArchLinux
added 2015/08/12 12:00 a.m., 45 views

firefox: multiple issues

CVE-2015-4473 Memory safety bugs fixed in Firefox ESR 38.2 and Firefox 40: Gary Kwong, Christian Holler, and Byron Campen reported memory safety problems and crashes that affect Firefox ESR 38.1 and Firefox 39. - CVE-2015-4474 Memory safety bugs fixed in Firefox 40: Tyson Smith, Bobby Holley,...

CVSS: 10, AI score: 10, EPSS: 0.09027
Exploits: 0, References: 20
RedHat Linux
added 2015/08/11 7:47 p.m., 3 views

Mozilla: Vulnerabilities found through code inspection (MFSA 2015-90)

The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment...

CVSS: 7.5, AI score: 7.5, EPSS: 0.03636
Exploits: 0, References: 5
UbuntuCve
added 2015/08/11 12:00 a.m., 31 views

CVE-2015-4488

Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator= self assignment...

CVSS: 7.5, AI score: 6.9, EPSS: 0.03825
Exploits: 0, References: 4
OSV
added 2015/08/11 12:00 a.m., 1 view

UBUNTU-CVE-2015-4489

The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 might allow remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging a self assignment...

CVSS: 7.5, AI score: 6.8, EPSS: 0.03636
Exploits: 0, References: 5
OSV
added 2015/08/11 12:00 a.m., 3 views

UBUNTU-CVE-2015-4488

Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS before 2.2 allows remote attackers to have an unspecified impact by leveraging a StyleAnimationValue::operator= self assignment...

CVSS: 7.5, AI score: 6.8, EPSS: 0.03825
Exploits: 0, References: 5
BDU FSTEC
added 2015/07/31 12:00 a.m., 6 views

The vulnerability of the Flash Player software platform, which allows a violator to trigger a service failure

The vulnerability of the Flash Player software is related to errors in pointer assignment. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

CVSS: 7.5, AI score: 5.4, EPSS: 0.04766
Exploits: 0, References: 2, Affected Software: 1
BDU FSTEC
added 2015/07/31 12:00 a.m., 4 views

The vulnerability of the Flash Player software platform, which allows a violator to trigger a service failure

The vulnerability of the Flash Player software is related to errors in pointer assignment. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

CVSS: 7.5, AI score: 5.4, EPSS: 0.04766
Exploits: 0, References: 2, Affected Software: 1
RedHat Linux
added 2015/07/20 2:06 p.m., 2 views

pacemaker: acl read-only access allow role assignment

A flaw was found in the way pacemaker, a cluster resource manager, evaluated added nodes in certain situations. A user with read-only access could potentially assign any other existing roles to themselves and then add privileges to other users as well...

CVSS: 7.5, AI score: 5.7, EPSS: 0.03
Exploits: 0, References: 4
BDU FSTEC
added 2015/07/20 12:00 a.m., 4 views

The vulnerability of the Flash Player software platform, which allows a violator to trigger a service failure

The vulnerability of the Flash Player software is related to errors in pointer assignment. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

CVSS: 10, AI score: 5.4, EPSS: 0.04702
Exploits: 0, References: 2, Affected Software: 1
BDU FSTEC
added 2015/07/20 12:00 a.m., 7 views

The vulnerability of the Flash Player software platform, which allows a violator to trigger a service failure

The vulnerability of the Flash Player software is related to errors in pointer assignment. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures...

CVSS: 10, AI score: 5.4, EPSS: 0.04702
Exploits: 0, References: 2, Affected Software: 1
seebug.org
added 2015/07/08 12:00 a.m., 22 views

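Adobe Flash ActionScript ByteArray Buffer UAF Code Execution

Vulcan analyzed the issue right away, and the explanation below is based on that report [1]: the vulnerability arises because the buffer is used improperly while the valueOf function is called when a Clasz type is assigned to a ByteArray type, which results in a Use After Free vulnerability. forvar i:int; i alen; i+=3 ai = new Class2i; ai+1 = new ByteArray; // a ByteArray object is created here ai+1.length = 0xfa0; // the initial length of the ByteArray is set to 0xfa0 here // after entering Adobe Flash Player...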

AI score: 7.4
Exploits: 0