Design/Logic Flaw

The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the 1 Console or 2 Controls property, which allows...

CVE-2008-0984

The MP4 demuxer mp4.c for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file...

Design/Logic Flaw

The MP4 demuxer mp4.c for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file...

CVE-2008-0984

The MP4 demuxer mp4.c for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file...

DEBIAN-CVE-2008-0984

The MP4 demuxer mp4.c for VLC media player 0.8.6d and earlier, as used in Miro Player 1.1 and earlier, allows remote attackers to overwrite arbitrary memory and execute arbitrary code via a malformed MP4 file...

Debian: Security Advisory (DSA-1107)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TPTI-08-02: Cisco Call Manager CTLProvider Heap Overflow Vulnerability

TPTI-08-02: Cisco Call Manager CTLProvider Heap Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-08-02 January 16, 2008 -- CVE ID: CVE-2008-0027 -- Affected Vendor: Cisco -- Affected Products: Cisco Call Manager 4.13 -- Vulnerability Details: This vulnerability allows remote...

Debian Security Advisory DSA 1107-1 (gnupg)

The remote host is missing an update to gnupg announced via advisory DSA 1107-1. Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free PGP replacement contains an integer overflow that can cause a segmentation fault and possibly overwrite memory via a large user ID strings. For the...

VLC 0.86 < 0.86d ActiveX Remote Bad Pointer Initialization PoC

Exploit for unknown platform in category dos / poc ============================================================== VLC 0.86 var mm = null; if target != null...

VideoLAN VLC Media Player 0.86 &lt; 0.86d - ActiveX Remote Bad Pointer Initialization

var mm = null; if target != null var param1 = unescape"%u0505%u0505"; var salame = "defaultV"; var salame2 = 1; var salame3 = 0; ag = unescape"%uCCCC%uCCCC"; sh = unescape"%u9090%u9090%u9090%u9090%u9090%u9090%u9090%u90...

KLA10257 Vulnerability in Macrovision SafeDisc

A buffer overflow was found in Macrovision SafeDisc. By exploiting this vulnerability malicious users can overwrite arbitrary memory locations and gain privileges. This vulnerability can be exploited locally via a specially designed argument. Original advisories - Related products...

Boa &#40;with Intersil Extensions&#41; - HTTP Basic Authentication Bypass

Secure Network - Security Research Advisory Vuln name: HTTP Basic Authentication Bypass Systems affected: Boa/0.93.15 with Intersil Extensions based systems i.e. FreeLan 802.11g Wireless Access Point RO80211G-AP Severity: High Local/Remote: Remote Vendor URL: http://www.boa.org -...

CVE-2007-4648

The nvcoaft51 driver in Norman Virus Control NVC 5.82 uses weak permissions unrestricted write access for the NvcOa device, which allows local users to gain privileges by 1 triggering a buffer overflow in a kernel pool via a string argument to ioctl 0xBF67201C; or by 2 sending a crafted KEVENT...

CVE-2007-3673

Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via ...

CVE-2007-3673

Symantec symtdi.sys before 7.0.0, as distributed in Symantec AntiVirus Corporate Edition 9 through 10.1 and Client Security 2.0 through 3.1, Norton AntiSpam 2005, and Norton AntiVirus, Internet Security, Personal Firewall, and System Works 2005 and 2006; allows local users to gain privileges via ...

CVE-2007-3681

The IOCTL 9031 BIOCGSTATS handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet Irp parameters...

CVE-2007-3681

The CVE-2007-3681 issue affects WinPcap’s NPF.SYS kernel driver (before 4.0.1). The IOCTL 9031 handler BIOCGSTATS allows local users to overwrite memory via malformed Irp parameters, enabling arbitrary code execution in kernel context. Impact is local privilege escalation. Remediation is to upgra...

DEBIAN-CVE-2007-3506

The ftbitmapassurebuffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...

CVE-2007-2893

Heap-based buffer overflow in the bxne2kc::rxframe function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register...

ZDI-07-023: Apple QTJava toQTPointer&#40;&#41; Pointer Arithmetic Memory Overwrite Vulnerability

ZDI-07-023: Apple QTJava toQTPointer Pointer Arithmetic Memory Overwrite Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-07-023.html May 1, 2007 -- CVE ID: CVE-2007-2175 -- Affected Vendor: Apple -- Affected Products: Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint...