CVE-2010-3958

The CVE-2010-3958 issue affects Microsoft .NET Framework: x86 JIT compiler in .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0. An attacker can trigger remote code execution by delivering a crafted XAML browser application (XBAP), a crafted ASP.NET application, or a crafted .NET Framework applicat...

CVE-2010-3958

The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework...

Microsoft .NET Framework Remote Code Execution Vulnerability (2484015)

This host is missing a critical security update according to Microsoft Bulletin MS11-028. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS11-028: Vulnerability in .NET Framework Could Allow Remote Code Execution (2484015)

The x86 JIT compiler included with the version of the .NET Framework installed on the remote host incorrectly compiles certain types of function calls. An attacker may be able to leverage this vulnerability to run arbitrary code on the affected system under either of the following scenarios : -...

Microsoft .NET Framework Remote Code Execution Vulnerability (2484015)

This host is missing a critical security update according to Microsoft Bulletin MS11-028. OpenVAS Vulnerability Test $Id: secpodms11-028.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft .NET Framework Remote Code Execution Vulnerability 2484015 Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...

Основы написания Win-шеллкода

В этой статье речь пойдет о написании простого шеллкода под Windows платформу. Статья является начальным этапом цикла статей, которые я, опираясь на материалы и труды зарубежных специалистов в данной области, планирую написать. Эта статья не насыщена всеобъемлющей информацией, однако её цель -...

Fedora 14 : asterisk-1.6.2.17-1.fc14 (2011-2438)

The Asterisk Development Team has announced the release of Asterisk 1.6.2.17. This release is available for immediate download at http://downloads.asterisk.org/pub/telephony/asterisk/ The release of Asterisk 1.6.2.17 resolves several issues reported by the community and would have not been possib...

Microsoft .NET Framework JIT Compiler - Optimization NULL String Remote Code Execution

Microsoft .NET Framework JIT Compiler - Optimization NULL String Remote Code Execution source: https://www.securityfocus.com/bid/47834/info The Microsoft .NET Framework is prone to a remote code-execution vulnerability that affects the Just-In-Time JIT compiler optimization on x86 architectures...

Microsoft .NET Framework JIT Compiler - Optimization NULL String Remote Code Execution

source: https://www.securityfocus.com/bid/47834/info The Microsoft .NET Framework is prone to a remote code-execution vulnerability that affects the Just-In-Time JIT compiler optimization on x86 architectures. Successful exploits may allow an attacker to execute arbitrary code in the context of t...

Fedora 15 : telepathy-gabble-0.11.7-1.fc15 / telepathy-glib-0.13.13-1.fc15 (2011-1284)

Telepathy-Gabble changes, including a security fix : - fd.o32390: Gabble now treats a request for a ContactSearch channel with Server set to the empty string as equivalent to not specifying a server, and rejects requests where the JID specified for Server is invalid. - fd.o32874: Offline contacts...

Oracle Java - Floating-Point Value Denial of Service

Oracle Java - Floating-Point Value Denial of Service source: https://www.securityfocus.com/bid/46091/info Oracle Java is prone to a remote denial-of-service vulnerability. Successful attacks will cause applications written in Java to hang, creating a denial-of-service condition. This issue affect...

Oracle Java - Floating-Point Value Denial of Service

source: https://www.securityfocus.com/bid/46091/info Oracle Java is prone to a remote denial-of-service vulnerability. Successful attacks will cause applications written in Java to hang, creating a denial-of-service condition. This issue affects both the Java compiler and Runtime Environment. Sen...

RedHat Update for gcc RHSA-2011:0025-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RHEL 5 : gcc (RHSA-2011:0025)

Updated gcc packages that fix two security issues and several compiler bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Intel® C++ Compiler and Intel® Fortran Compiler Insecure File Permission Local Privilege Escalation Vulnerability

Summary: Updated software is available for the customers using Intel® C++ Compiler Professional Edition for Linux and Intel® Fortran Compiler Professional Edition for Linux to mitigate a local privilege escalation vulnerability which could potentially be triggered during the compilation process...

Fedora 13 : clamav-0.96.5-1300.fc13 (2010-18564)

Sat Dec 4 2010 Enrico Scholz - 0.96.5-1300 - updated to 0.96.5 - CVE-2010-4260 Multiple errors within the processing of PDF files can be exploited to e.g. cause a crash. - CVE-2010-4261 An off-by-one error within the 'iconcb' function can be exploited to cause a memory corruption. - Sun Oct 31...

Linux Kernel 2.6.37-rc2 - ACPI custom_method Local Privilege Escalation

Linux Kernel 2.6.37-rc2 - ACPI custommethod Local Privilege Escalation / american-sign-language.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4347 This custommethod file allows to inject custom ACPI methods into the ACPI interpreter...

CUPS < 1.4.5 Multiple Vulnerabilities

According to its banner, the version of CUPS installed on the remote host is prior to 1.4.5. It is, therefore, affected by multiple vulnerabilities : - A use-after-free error exists due to improper allocation of memory for attribute values with invalid string data types. A remote attacker can...

CVE-2010-3228

The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework x64 JIT Compiler Vulnerability."...

Memory corruption

The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optimizations, which allows remote attackers to execute arbitrary code via a crafted .NET application that triggers memory corruption, aka ".NET Framework x64 JIT Compiler Vulnerability."...