1576 matches found
Design/Logic Flaw
The Debugger extension API in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as...
UBUNTU-CVE-2014-3172
The Debugger extension API in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as...
CVE-2014-3172
The CVE-2014-3172 issue affects Google Chrome prior to 37.0.2062.94, where the Debugger extension API (Debugger API in chrome browser extensions) does not validate a tab URL before an attach operation, potentially allowing an extension using a restricted URL (e.g., chrome:// URL) to bypass access...
CVE-2014-3172
The Debugger extension API in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as...
CVE-2014-3172
Removed by vendor...
Juniper Network and Security Manager XDB Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper Network and Security Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XDB service. The issue lies in the ability to connect to the...
Google Chrome < 37.0.2062.94 Multiple Vulnerabilities (Mac OS X)
The version of Google Chrome installed on the remote Mac OS X host is a version prior to 37.0.2062.94. It is, therefore, affected by the following vulnerabilities : - Blink contains a use-after-free vulnerability in its SVG implementation. By using a specially crafted web page, a remote attacker...
[SECURITY] Fedora 19 Update: ipython-0.13.2-4.fc19
IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...
The Java Debugger exploits and fixes-vulnerability warning-the black bar safety net
0x0 Foreword Recently found an interesting vulnerability-JAVA open the Debugger mode can execute arbitrary system commands. Need certain Use Conditions, you have to be open to debug the process of setting up a breakpoint, and then use this breakpoint to execute the command of the operation. 0x1...
[SECURITY] Fedora 20 Update: seamonkey-2.26.1-1.fc20
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
[SECURITY] Fedora 19 Update: seamonkey-2.26.1-1.fc19
SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...
gdb (GNU debugger) <= 7.5.1NULL Pointer Dereference
No description provided by source. / gdb GNU debugger = 7.5.1 crash due a NULL pointer dereference ELF anti-debugging/reversing patcher Published @ IOActive Labs Research blog: http://blog.ioactive.com/2012/12/striking-back-gdb-and-ida-debuggers.html - nitr0us http://twitter.com/nitr0usmx Tested...
Confixx 2 Perl Debugger Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9831/info The Confixx PERL debugging utility functionality has been reported to be prone to a remote command execution vulnerability. The issue is reported to occur when a command sequence is appended to a HTTP request fo...
Trillian 0.x IRC Module Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5373/info A buffer overflow condition has been reported in the Trillian IRC module. The condition is due to insecure handling of data extracted from server responses. An attacker in control of a malicious server may explo...
DIMIN Viewer 5.4.0 Crash PoC
No description provided by source. !/usr/bin/perl DIMIN Viewer 5.4.0 = WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira [email protected] Vendor URI: http://www.dimin.net Vendor Decription: View images in countless formats, and apply a variety of effects with this small, fast, and...
FortKnox Personal Firewall 9.0.305.0 & 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption Vulnerability
No description provided by source. / Exploit Title: 0day FortKnox Personal Firewall kernel driver fortknoxfw.sys memory corruption vulnerability Date: 25/10/2013 Author: Arash Allebrahim Contact : [email protected] Vendor Homepage: http://www.fortknox-firewall.com/ Vulnerable software :...
Microsoft Office Picture Manager 2010 Crash PoC
No description provided by source. Title : Microsoft Office Picture Manager 2010 memory corruption Version : Microsoft Office professional Plus 2010 Crash : http://img715.imageshack.us/img715/7364/pocl.png Date : 2012-10-24 Vendor : http://office.microsoft.com Impact : Med/High Contact : coolkave...
Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 Services.exe Denial of Service (1)
No description provided by source. source: http://www.securityfocus.com/bid/754/info A specially crafted packet can cause a denial of service on an NT 4.0 host, rendering local administration and network communication nearly unusable. This attack will crash the services executable, which in turn,...
JPEGsnoop <= 1.5.2 WriteAV Crash PoC
No description provided by source. !/usr/bin/perl JPEGsnoop 1.5.2 = WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira [email protected] Vendor URI: http://sourceforge.net/projects/jpegsnoop/ Vendor Description: JPEGsnoop is a detailed JPEG image decoder and analysis tool. It reports al...
Lotus Domino IMAP4 Server 6.5.4 - Remote Buffer Overflow Exploit
No description provided by source. Lotus Domino IMAP4 Server Release 6.5.4 / Windows 2000 Advanced Server x86 Remote Exploit Vulnerable: IBM Lotus Domino = 7.0.2 && 6.5.5 FP2 tested 6.5.4 Authors: Dominic Chell [email protected] & prdelka Exploitation steps: 1 The instruction call dword e...