CVE-2013-1728

Affected software: Mozilla Firefox (before 24.0), Thunderbird (before 24.0), and SeaMonkey (before 2.21). Root cause: IonMonkey memory not properly initialized when Valgrind mode is used, enabling potential leakage of sensitive data. Impact: remote attackers could obtain sensitive information via...

CVE-2013-1728

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors...

CVE-2013-1728

The IonMonkey JavaScript engine in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21, when Valgrind mode is used, does not properly initialize memory, which makes it easier for remote attackers to obtain sensitive information via unspecified vectors...

CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

DEBIAN-CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-4075

epan/dissectors/packet-gmr1bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service application crash via a crafted packet...

Design/Logic Flaw

CoreMedia Playback in Apple Mac OS X before 10.8.4 does not properly initialize memory during the processing of text tracks, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted movie file...

CVE-2013-1024

CVE-2013-1024 is a memory‑initialization flaw in CoreMedia Playback for Mac OS X before 10.8.4, triggered by processing text tracks in a crafted movie file, allowing remote code execution or a denial of service. Related advisories reference Apple HT5784/HT6001, but the provided documents do not s...

PT-2013-2052 · Microsoft · .Net Framework

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 1.0 SP3 through 4.5 Description: An information disclosure issue exists due to improper initialization of memory arrays in the Windows Forms component. This allows remote attackers to obtain sensitive...

Scientific Linux Security Update : kernel on SL5.x i386/x86_64

These new kernel packages contain fixes for the following security issues : - a flaw in the handling of IPv6 type 0 routing headers that allowed remote users to cause a denial of service that led to a network amplification between two routers CVE-2007-2242, Important. - a flaw in the nfnetlinklog...

CVE-2011-3406

Buffer overflow in Active Directory, Active Directory Application Mode ADAM, and Active Directory Lightweight Directory Service AD LDS in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote...

Buffer overflow

Buffer overflow in Active Directory, Active Directory Application Mode ADAM, and Active Directory Lightweight Directory Service AD LDS in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote...

PT-2011-4435 · Microsoft · Windows Xp +7

Name of the Vulnerable Software and Affected Versions: Active Directory versions prior to the fixed version Active Directory Application Mode ADAM versions prior to the fixed version Active Directory Lightweight Directory Service AD LDS versions prior to the fixed version Microsoft Windows XP...

Ubuntu 10.10 : linux vulnerabilities (USN-1183-1)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Neil Horman discovered that NFSv4 did not correctly handle...

CVE-2011-1824

CVE-2011-1824 affects Opera versions older than 10.61. The vulnerability arises in VEGAOpBitmap::AddLine when processing a SELECT element’s SIZE attribute, causing an uninitialized memory write that can crash the application or potentially allow arbitrary code execution. Exploitation involves lar...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1086-1)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075 Dan Rosenberg discovered that the socket filters did not correctly...

CVE-2011-0636

The CVE-2011-0636 entry/issue affects NVIDIA CUDA Toolkit 3.2 developer drivers for Linux (260.19.26) and possibly other versions, where the functions cudaHostAlloc and cuMemHostAlloc do not initialize pinned memory. This can allow local users to read potentially sensitive memory (e.g., file frag...