flash-plugin: multiple security flaws (APSB10-14)

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction 0x44 operator, a different vulnerability than CVE-2010-2173...

Adobe Flash Player "newfunction" Invalid Pointer Use

This module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash...

Apple Webkit Attribute Child Removal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute remote code on vulnerable installations of Apple Webkit. User interaction is required in that a target must be coerced into visiting a malicious page. The specific flaw exists within Webkit's process for destructing attribute objects via the...

Microsoft Internet Explorer Stylesheet Array Removal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required in that a target must visit a malicious page. The specific flaw exists within IE's support for the CStyleSheet object. When a style sheet...

Apple Safari parent.close() Invalid Pointer Code Execution

Added: 05/28/2010 CVE: CVE-2010-1939 BID: 39990 OSVDB: 64482 Background Safari is a web browser for Mac OS X and Windows. Problem Apple Safari 4.0.5 for Windows and probably earlier allows remote attackers to execute arbitrary code by enticing the user to open a crafted HTML document. The crafted...

Apple Safari parent.close() Invalid Pointer Code Execution

Added: 05/28/2010 CVE: CVE-2010-1939 BID: 39990 OSVDB: 64482 Background Safari is a web browser for Mac OS X and Windows. Problem Apple Safari 4.0.5 for Windows and probably earlier allows remote attackers to execute arbitrary code by enticing the user to open a crafted HTML document. The crafted...

CVE-2009-4134

Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service application crash via a large ZSIZE value in a black-and-white aka B/W RGB image that triggers an invalid pointer dereference...

CVE-2009-4134

Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service application crash via a large ZSIZE value in a black-and-white aka B/W RGB image that triggers an invalid pointer dereference...

CVE-2009-4134

CVE-2009-4134: In Python 2.5, the rgbimg module has a buffer underflow that can cause a denial of service via a crafted B/W SGI-like RGB image with a large ZSIZE, triggering an invalid pointer dereference. The vulnerability is referenced in multiple advisories and vendor bulletins (e.g., MiracleL...

Secunia Flags 'Highly Critical' Safari Zero Day Flaw

A zero-day vulnerability in Apple’s Safari browser could expose millions of Windows users to drive-by download malware attacks. The flaw is currently unpatched. According to an alert from Secunia, the issue is rated “highly critical” because of the risk of remote code execution attacks that can...

VulnCheck KEV: CVE-2007-4367

Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."...

CentOS Update for wireshark CESA-2010:0360 centos4 i386

Check for the Version of wireshark OpenVAS Vulnerability Test CentOS Update for wireshark CESA-2010:0360 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

RedHat Update for wireshark RHSA-2010:0360-01

Check for the Version of wireshark OpenVAS Vulnerability Test RedHat Update for wireshark RHSA-2010:0360-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Pointer Vulnerability

VUPEN Security Research - Sun Java JDK/JRE AWT Library Invalid Pointer Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Java is a programming language and computing platform released by Sun Microsystems. It is the underlying technology that powers...

Memory corruption

Use-after-free vulnerability in the Peer Objects component aka iepeers.dll in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, a...

CVE-2010-0806

Use-after-free vulnerability in the Peer Objects component aka iepeers.dll in Microsoft Internet Explorer 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via vectors involving access to an invalid pointer after the deletion of an object, as exploited in the wild in March 2010, a...

Novell GroupWise Messenger HTTP POST Request Invalid Memory Access (CVE-2006-4511)

Novell GroupWise Messenger is a corporate instant messaging solution targeted towards medium to large enterprise organizations. It facilitates secure communications and policy-based management through Novell's eDirectory product suite. The product is based on a client-server model where messaging...

kernel: fuse: prevent fuse_put_request on invalid pointer

No description is available for this CVE...

Microsoft Internet Explorer Remote Code Execution Vulnerability (979352)

The host is installed with Internet Explorer and is prone to Remote Code Execution vulnerability. This NVT has been replaced by NVT secpodms10-002.nasl OID:1.3.6.1.4.1.25623.1.0.901097. OpenVAS Vulnerability Test $Id: gbmsiedepremotecodeexecvuln.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft...

kernel: fuse: prevent fuse_put_request on invalid pointer

The fusedirectio function in fs/fuse/file.c in the fuse subsystem in the Linux kernel before 2.6.32-rc7 might allow attackers to cause a denial of service invalid pointer dereference and OOPS via vectors possibly related to a memory-consumption attack...