1194 matches found
Mozilla Firefox Input Box Type Property Dangling Pointer Vulnerability
This vulnerability allows attackers to potentially execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when a DOM method on a specific HTML form...
CVE-2008-4194
The pexecquery function in src/dnsquery.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service daemon crash via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug."...
Design/Logic Flaw
The pexecquery function in src/dnsquery.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service daemon crash via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug."...
CVE-2008-4194
The pexecquery function in src/dnsquery.c in pdnsd before 1.2.7-par allows remote attackers to cause a denial of service daemon crash via a long DNS reply with many entries in the answer section, related to a "dangling pointer bug."...
Immunity Canvas: MS07_066
Name| ms07066 ---|--- CVE| CVE-2007-5350 Exploit Pack| CANVAS Description| Microsoft Vista ALPC Dangling Pointer Overwrite Notes| References: www.microsoft.com/technet/security/bulletin/ms07-066.mspx CVE Name: CVE-2007-5350 VENDOR: Microsoft MSADV: MS07-066 Date public: 12/11/07 CVE Url:...
CVE-2007-3929
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...
Design/Logic Flaw
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...
CVE-2007-3929
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...
CVE-2007-3929
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object...
iDefense Security Advisory 07.19.07: Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability
Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability iDefense Security Advisory 07.19.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 19, 2007 I. BACKGROUND Opera is a cross-platform web browser. More information is available at http://www.opera.com/ II...
CVE-2007-1209
Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...
Design/Logic Flaw
Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...
CVE-2007-1209
Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...
DEBIAN-CVE-2023-53805
In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix UAF in gsmcleanupmux In gsmcleanupmux the 'gsm-dlci' pointer was not cleaned properly, leaving it a dangling pointer after gsmdlcirelease. This leads to use-after-free where 'gsm-dlci0' are freed and accessed by th...