CVE-2011-1495

drivers/scsi/mpt2sas/mpt2sasctl.c in the Linux kernel 2.6.38 and earlier does not validate 1 length and 2 offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service memory corruption, or obtain sensitive information from...

CVE-2011-1495

drivers/scsi/mpt2sas/mpt2sasctl.c in the Linux kernel 2.6.38 and earlier does not validate 1 length and 2 offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service memory corruption, or obtain sensitive information from...

Race condition

Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service plugin crash or...

CVE-2008-7281

Open Ticket Request System OTRS before 2.2.7 sends e-mail containing a Bcc header field that lists the Blind Carbon Copy recipients, which allows remote attackers to obtain potentially sensitive e-mail address information by reading this field...

Fedora 15 : whatsup-1.12-2.fc15 (2011-3097)

Bug 652981 - libnodeupdown-backend-ganglia contains an embedded copy of expat, prone to CVE-2009-3720 - Bug 661001 - FTBFS whatsup-1.10-1.fc14 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

ClubHack : CHMag Issue 14th, March 2011 Download !

ClubHack : CHMag Issue 14th, March 2011 Download ! Description: 14th issue of ClubHACK magazine is out. Contents of this issue: Tech Gyan - Remote Thread Execution in System Process Tool Gyan - JS Recon: Java Script Network Reconnaissance Tool Mom's Guide - Choosing Right Secure Mobile Legal Gyan...

PT-2011-1074 · Suse +2 · Kernel-Kdumppae +3

Name of the Vulnerable Software and Affected Versions: Linux kernel version 2.6.38 and earlier kernel-kdumppae affected versions not specified Description: The issue is related to a lack of validation of length and offset values before performing memory copy operations in the Linux kernel. This...

Adobe Flash Player Point Object Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within construction ...

Making JPEG Images Copy-Evident

A group of academic researchers at the University of Cambridge has developed a new technique for making JPEG images copy-evident, so that users can tell whether an image has been recompressed and copied. The technique, presented in a paper by Andrew B. Lewis and Markus G. Kuhn, relies on a comple...

Android 1.x/2.x Local Root Exploit

Exploit for Android platform in category local exploits / android 1.x/2.x the real youdev feat. init local root exploit. C 2009/2010 by The Android Exploid Crew. Copy from sdcard to /sqlitestmtjournals/exploid, chmod 0755 and run. Or use /data/local/tmp if available thx to ioerror! It is importan...

kernel: ipc/sem.c: reading uninitialized stack memory

The copysemidtouser function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a 1 IPCINFO, 2 SEMINFO, 3 IPCSTAT, or 4 SEMSTAT command in a semctl system call...

CVE-2010-2963

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux V4L implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain...

CVE-2010-2963

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux V4L implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain...

kernel: RDS sockets local privilege escalation

The rdspagecopyuser function in net/rds/page.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg syste...

Apple QuickTime ELST MediaRate Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the QuickTimeMPEG.qtx...

1CLICK DVD Copy Pro 4.2.3.1 DLL Hijacking

=================================================== 1CLICK DVD Copy Pro 4.2.3.1 DLL Hijacking Exploit dvd43.dll =================================================== -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1...

1Click DVD Copy Pro 4.2.3.1 DLL Hijacking Exploit (dvd43.dll)

Exploit for windows platform in category local exploits ============================================================= 1Click DVD Copy Pro 4.2.3.1 DLL Hijacking Exploit dvd43.dll =============================================================...

Intel Finds BluRay HDCP Crack

Intel has confirmed Blu-ray HDCP encryption is cracked after admitting a leaked master key is the real deal. High-bandwidth Digital Content Protection HDCP copy protection technology is designed to protect high-definition video content as it travels across digital interfaces. Read the full...

FreeBSD : mozilla -- multiple vulnerabilities (4a21ce2c-bb13-11df-8e32-000f20797ede)

The Mozilla Project reports : MFSA 2010-49 Miscellaneous memory safety hazards rv:1.9.2.9/ 1.9.1.12 MFSA 2010-50 Frameset integer overflow vulnerability MFSA 2010-51 Dangling pointer vulnerability using DOM plugin array MFSA 2010-52 Windows XP DLL loading vulnerability MFSA 2010-53 Heap buffer...

Debian DSA-2106-1 : xulrunner - several vulnerabilities

Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2760, CVE-2010-3167, CVE-2010-3168 Implementation errors in XUL processing allow the...