CVE-2012-1515

VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine...

Linux privilege escalation

Under some condirions memwrite allows to overrite process memory...

Debian DSA-2357-1 : evince - several vulnerabilities

Jon Larimer from IBM X-Force Advanced Research discovered multiple vulnerabilities in the DVI backend of the Evince document viewer : - CVE-2010-2640 Insufficient array bounds checks in the PK fonts parser could lead to function pointer overwrite, causing arbitrary code execution. - CVE-2010-2641...

[SECURITY] [DSA 2357-1] evince security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2357-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez December 03, 2011 http://www.debian.org/security/faq -...

DSA-2357-1 evince - several

Bulletin has no description...

Moderate: Red Hat Security Advisory: xen security and bug fix update

Updated xen packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Debian Security Advisory DSA 2287-1 (libpng)

The remote host is missing an update to libpng announced via advisory DSA 2287-1. OpenVAS Vulnerability Test $Id: deb22871.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2287-1 libpng Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

Debian DSA-2287-1 : libpng - several vulnerabilities

The PNG library libpng has been affected by several vulnerabilities. The most critical one is the identified as CVE-2011-2690. Using this vulnerability, an attacker is able to overwrite memory with an arbitrary amount of data controlled by her via a crafted PNG image. The other vulnerabilities ar...

DSA-2287-1 libpng - several vulnerabilities

Bulletin has no description...

Buffer overflow

Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the pngrgbtogray function but not the pngsetexpand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and...

CVE-2011-2690

CVE-2011-2690 affects libpng across multiple branches (1.0.x <1.0.55, 1.2.x <1.2.45, 1.4.x <1.4.8, 1.5.x

CVE-2011-2690

Buffer overflow in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4, when used by an application that calls the pngrgbtogray function but not the pngsetexpand function, allows remote attackers to overwrite memory with an arbitrary amount of data, and...

ZDI-11-212: Adobe Shockwave KEY* Chunk Invalid Size Remote Code Execution Vulnerability

ZDI-11-212: Adobe Shockwave KEY Chunk Invalid Size Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-212 June 14, 2011 -- CVE ID: CVE-2011-2111 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --...

ZDI-11-075: Adobe Acrobat Reader rt3d.dll Multimedia Playing Arbitrary Memory Overwite Remote Code Execution Vulnerability

ZDI-11-075: Adobe Acrobat Reader rt3d.dll Multimedia Playing Arbitrary Memory Overwite Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-075 February 8, 2011 -- CVE ID: CVE-2011-0606 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Adobe -- Affected...

Adobe Acrobat Reader rt3d.dll Multimedia Playing Arbitrary Memory Overwite Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rt3d.dl...

Null pointer dereference

The doexit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a KERNELDS getfs value, which allows local users to bypass intended accessok restrictions, overwrite arbitrary kernel memory locations, and gain privileges by leveraging a 1 BUG, 2 NULL pointer...

Design/Logic Flaw

The pfsgetextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex that was not previously locked, which allows local users to cause a denial of service kernel panic, overwrite arbitrary memory locations, and possibly execute arbitrary code via vectors related to...

CVE-2010-4210

The CVE-2010-4210 issue affects FreeBSD: pfs_getextattr in pseudofs unlocks a mutex that was not locked. On systems with pseudofs-mounted filesystems and NULL page mapping allowed, an attacker can overwrite kernel memory and potentially execute code in the kernel; on systems without NULL page map...

Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite

Exploit for linux platform in category dos / poc ========================================================== Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite ========================================================== / CVE-2010-2963 Arbitrary write memory write via v4l1 compat ioctl. Kee...

Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite

/ CVE-2010-2963 Arbitrary write memory write via v4l1 compat ioctl. Kees Cook greets to drosenberg, spender, taviso / define GNUSOURCE include include include include include include "expframework.h" include include include include include include include include include include struct capheadert...