ZDI-11-210: Adobe Shockwave rcsL Chunk Parsing Misallocation Remote Code Execution Vulnerability

ZDI-11-210: Adobe Shockwave rcsL Chunk Parsing Misallocation Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-210 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave...

ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability

ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-209 June 14, 2011 -- CVE ID: CVE-2011-0335 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player ...

CVE-2011-1277

Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted...

Heap overflow

Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a...

CVE-2011-1277

Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted...

Adobe Shockwave Shockwave 3d Asset.x32 DEMX 0xFFFFFF45 Field Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

MPlayer - .SAMI Subtitle File Buffer Overflow (DEP Bypass) (Metasploit)

MPlayer - .SAMI Subtitle File Buffer Overflow DEP Bypass Metasploit require 'msf/core' class MetasploitModule 'Mplayer SAMI Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow found in SMPlayer 0.6.9 Permanent DEP /AlwaysON. The overflow is triggered during the...

Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Excel Array Out Of Bounds Access CVE-2011-1274 Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability due to a boundary condition error. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits may allow attackers to execute arbitrary code with the...

Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Fedora Update for libmodplug FEDORA-2011-6931

Check for the Version of libmodplug OpenVAS Vulnerability Test Fedora Update for libmodplug FEDORA-2011-6931 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Gimp: Heap-based buffer overflow in Paint Shop Pro (PSP) plug-in

Heap-based buffer overflow in the readchanneldata function in file-psp.c in the Paint Shop Pro PSP plugin in GIMP 2.6.11 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a PSPCOMPRLE aka RLE compression image file that begins a long run...

[SECURITY] Fedora 14 Update: libmodplug-0.8.8.3-3.fc14

Modplug mod music file format library...

BlueVoda Website Builder 11 Stack Buffer Overflow

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

RedHat Update for gstreamer-plugins RHSA-2011:0477-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 4 : gstreamer-plugins (CESA-2011:0477)

Updated gstreamer-plugins packages that fix two security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity rating...

Subtitle Processor 7.7.1 .M3U SEH Unicode Buffer Overflow

This module exploits a vulnerability found in Subtitle Processor 7. By supplying a long string of data as a .m3u file, Subtitle Processor first converts this input in Unicode, which expands the string size, and then attempts to copy it inline on the stack. This results a buffer overflow with SEH...

Universal Fuzzer by Codenomicon !

Codenomicon is a Finland based Information Security company. Recently it has released a universal fuzzer, a fuzz testing solution that combines heuristics and multiple fuzzers with a graphical user interface, automated test executions and reporting features. Fuzzing has been popular between hacke...

Wireshark 1.4.4 packet-dect.c Stack Buffer Overflow

$Id: wiresharkpacketdect.rb 12365 2011-04-19 11:32:17Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

[SECURITY] Fedora 14 Update: libmodplug-0.8.8.2-1.fc14

Modplug mod music file format library...