423 matches found
CVE-2015-3718
systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app, related to a "type confusion" issue...
Type confusion
systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app, related to a "type confusion" issue...
CVE-2015-3718
systemstatsd in the System Stats subsystem in Apple OS X before 10.10.4 does not properly interpret data types encountered in interprocess communication, which allows attackers to execute arbitrary code with systemstatsd privileges via a crafted app, related to a "type confusion" issue...
Cisco AnyConnect Secure Mobility Client Elevation of Privilege Vulnerability
The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. Cisco AnyConnect Secure Mobility Client has a security vulnerability in interprocess communication IPC that allows a local attacker to write and overwrite arbitrary files with elevated privileges...
Cisco AnyConnect Secure Mobility Client Hostscan Path Traversal Vulnerability
The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. A security vulnerability exists in the Interprocess Communication IPC of the Cisco AnyConnect Secure Mobility Client Hostscan module, which allows a local attacker to write and overwrite arbitrary files with elevat...
kernel: ipc: ipc_rcu_putref refcount races
A flaw was found in the way the ipcrcuputref function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory OOM condition and, potentially, crash the system...
UBUNTU-CVE-2014-3188
Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in...
PT-2014-7805 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.16.3 Description: The issue allows remote CIFS servers to cause a denial of service, resulting in a NULL pointer dereference and client system crash, or possibly have unspecified other impact. This occurs when...
UBUNTU-CVE-2014-3177
Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176...
FreeBSD Security Advisory (FreeBSD-SA-11:05.unix.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-11:05.unix.asc ADV FreeBSD-SA-11:05.unix.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-11:05.unix.asc Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft...
FreeBSD Security Advisory (FreeBSD-SA-11:05.unix.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-11:05.unix.asc SPDX-FileCopyrightText: 2011 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
system-config-firewall: privilege escalation flaw via use of python pickle
fwdbus.py in system-config-firewall 1.2.29 and earlier uses the pickle Python module unsafely during D-Bus communication between the GUI and the backend, which might allow local users to gain privileges via a crafted serialized object...
kernel: tipc: Fix oops on send prior to entering networked mode
The Transparent Inter-Process Communication TIPC functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service kernel OOPS by sending datagrams through AFTIPC before entering network mode, which triggers a NULL pointer...
FreeBSD Security Advisory (FreeBSD-SA-09:09.pipe.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:09.pipe.asc ADV FreeBSD-SA-09:09.pipe.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-09:09.pipe.asc Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...
FreeBSD Security Advisory FreeBSD-SA-09:09.pipe
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-09:09.pipe Security Advisory The FreeBSD Project Topic: Local information disclosure via direct pipe writes Category: core Module: kern Announced: 2009-06-10...
iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability
Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability iDefense Security Advisory 10.02.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 02, 2007 I. BACKGROUND Solaris is a UNIX operating system developed by Sun Microsystems. More information can be found at the...
security flaw
Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bug...
In W2K, elevated several attack instances of success or failure experiences-vulnerability and early warning-the black bar safety net
Speaking of the Virus are related to elevation of Privilege issues, the so-called elevation of privilege is the use of the system loopholes to obtain higher Privilege to. For example, you use the General user account to log on to Windows NT/Windows 2 0 0 0, You can only make a limited operation,...
CVE-2002-1883
CVE-2002-1883 affects Trolltech Qt Assistant 1.0 within Trolltech Qt 3.0.3 when loaded from the Designer, which opens port 7358 for interprocess communication. This enables remote attackers to open arbitrary HTML pages and cause a denial of service. The connected Red Hat and CVE records corrobora...
CVE-2002-1883
Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for interprocess communication, which allows remote attackers to open arbitrary HTML pages and cause a denial of service...