Unmediated PCI command register access in qemu

ISSUE DESCRIPTION HVM guests are currently permitted to modify the memory and I/O decode bits in the PCI command register of devices passed through to them. Unless the device is an SR-IOV virtual function, after disabling one or both of these bits subsequent accesses to the MMIO or I/O port range...

Microsoft Internet Explorer TransNavContext Information Disclosure Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Festo CECX-X-(C1/M1) Controller Vulnerabilities

OVERVIEW This advisory was originally posted to the US-CERT secure Portal library on March 25, 2014, and is now being released to the NCCIC/ICS-CERT web site. K. Reid Wightman of IOActive, Inc. has identified vulnerabilities in Festo’s CECX-X-C1 and CECX-X-M1 controllers. Festo has decided not to...

CVE-2014-3392

The Clientless SSL VPN portal in Cisco ASA Software 8.2 before 8.25.51, 8.3 before 8.32.42, 8.4 before 8.47.23, 8.6 before 8.61.15, 9.0 before 9.04.24, 9.1 before 9.15.12, 9.2 before 9.22.8, and 9.3 before 9.31.1 allows remote attackers to obtain sensitive information from process memory or modif...

CVE-2014-3560

NetBIOS name services daemon nmbd in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in stringwrappers.h...

CVE-2014-3560

NetBIOS name services daemon nmbd in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows remote attackers to execute arbitrary code via unspecified vectors that modify heap memory, involving a sizeof operation on an incorrect variable in the unstrcpy macro in stringwrappers.h...

Detours to modify the paragraph properties of vulnerability-vulnerability warning-the black bar safety net

Detours to modify the paragraph properties of the vulnerability Affected Software and systems Detours3. 0 and previous versions Description This issue will be its positioning as a vulnerability may be less suitable, the more likely that Detours a BUG, but because the defect will cause the exploit...

CVE-2014-3312

The debug console interface on Cisco Small Business SPA300 and SPA500 phones does not properly perform authentication, which allows local users to execute arbitrary debug-shell commands, or read or modify data in memory or a filesystem, via direct access to this interface, aka Bug ID CSCun77435...

CVE-2014-2969

NETGEAR GS108PE Prosafe Plus switches with firmware 1.2.0.5 have a hardcoded password of debugpassword for the ntgruser account, which allows remote attackers to upload firmware or read or modify memory contents, and consequently execute arbitrary code, via a request to 1 produceburn.cgi, 2...

Basic Integer Overflows

Introduction Basic Integer Overflow : In this paper we are going to describe two classes of programming bugs which can sometimes allow a malicious user to modify the execution path of an affected process. Both of these classes of bug work by causing variables to contain unexpected values, and so...

KLA10065 Multiple vulnerabilities in Apache httpd

Multiple serious vulnerabilities have been found in Apache httpd. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, obtain sensitive information or bypass security restrictions. Below is a complete list of vulnerabilities 1. An...

Cisco Unified IP Phones Local Kernel System Call Input Validation Vulnerability

Cisco Unified IP Phones 7900 Series versions 9.31SR1 and prior contain an arbitrary code execution vulnerability that could allow a local attacker to execute code or modify arbitrary memory with elevated privileges. This vulnerability is due to a failure to properly validate input passed to kerne...

Linux Kernel 2.6.36-rc8 - 'RDS Protocol' Local Privilege Escalation

// source: http://www.vsecurity.com/resources/advisory/20101019-1/ / Linux Kernel Copyright 2010 Virtual Security Research, LLC The handling functions for sending and receiving RDS messages use unchecked copyuserinatomic functions without any access checks on user-provided pointers. As a result, ...

CVE-2010-0742

The Cryptographic Message Syntax CMS implementation in crypto/cms/cmsasn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, a...

CVE-2010-0742

The Cryptographic Message Syntax CMS implementation in crypto/cms/cmsasn1.c in OpenSSL before 0.9.8o and 1.x before 1.0.0a does not properly handle structures that contain OriginatorInfo, which allows context-dependent attackers to modify invalid memory locations or conduct double-free attacks, a...

Hackers used a variety of free kill technology induction-vulnerability warning-the black bar safety net

One, you want to make a Trojan horsefree kill The first thing to prepare one without the shell of the Trojan Horse, this point is very important, otherwise free killoperation can not be performed indefinitely. Then we want to Trojan the memory offree to kill, from the above analysis it can be see...

MS09-061: Vulnerabilities in the Microsoft .NET Framework 3.5.1 Common Language Runtime Could Allow Remote Code Execution (974378)

Binary data 5224.prm...

MS09-061: Vulnerabilities in the Microsoft .NET Framework 2.0 Common Language Runtime Could Allow Remote Code Execution (974378)

Binary data 5221.prm...

MS09-061: Vulnerabilities in the Microsoft .NET Framework 2.0 SP1 Common Language Runtime Could Allow Remote Code Execution (974378)

Binary data 5222.prm...

MS09-061: Vulnerabilities in the Microsoft .NET Common Language Runtime Could Allow Remote Code Execution (974378)

The remote Windows host is running a version of the Microsoft .NET Framework that is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the Microsoft .NET Framework that could allow a malicious Microsoft .NET application to obtain a managed pointer to stack...