Website Traffic Visualization: Logstalgia

Website Traffic Visualization Logstalgia is a website traffic visualization that replays or streams web-server access logs as a pong-like battle between the web server and an never ending torrent of requests. Requests appear as colored balls the same color as the host which travel across the scre...

Apple Mac OS X Multiple Vulnerabilities -02 (Sep 2014)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

VirtualBox 3D Acceleration Virtual Machine Escape Exploit

This Metasploit module exploits a vulnerability in the 3D Acceleration support for VirtualBox. The vulnerability exists in the remote rendering of OpenGL-based 3D graphics. By sending a sequence of specially crafted of rendering messages, a virtual machine can exploit an out of bounds array acces...

Oracle VM VirtualBox 4.3.6 - 3D Acceleration Virtual Machine Escape (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' class Metasploit3 'VirtualBox 3D Acceleration Virtual Machine Escape', 'Description' = %q This module exploits a vulnerability in the 3D...

VirtualBox 3D Acceleration Virtual Machine Escape

This module exploits a vulnerability in the 3D Acceleration support for VirtualBox. The vulnerability exists in the remote rendering of OpenGL-based 3D graphics. By sending a sequence of specially crafted rendering messages, a virtual machine can exploit an out of bounds array access to corrupt...

VirtualBox 3D acceleration of virtual machine escape vulnerabilities in the advanced use-vulnerability warning-the black bar safety net

In the previous blog, we share a affect the Xen hypervisor client-to-host guest-to-host escape vulnerability the use of technology. In this new blog article we will focus on another VM escape vulnerability, VirtualBox the. A few months ago, our core security friends released a about the impact of...

CVE-2014-1373

Intel Graphics Driver in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenGL API call, which allows attackers to execute arbitrary code via a crafted application...

CVE-2014-1373

Intel Graphics Driver in Apple OS X before 10.9.4 does not properly restrict an unspecified OpenGL API call, which allows attackers to execute arbitrary code via a crafted application...

SGI IRIX 6.2 libgl.so Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1527/info Certain versions of IRIX ship with a version libgl.so which is vulnerable to buffer overflow attacks. This library, libgl.so, is used in conjunction with graphical programs which use OpenGL. As a result a number...

MGASA-2014-0185 Updated virtualbox packages fixes security vulnerabilities

VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer ...

Memory corruption

VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer ...

CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities 1. Advisory Information Title: Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities Advisory ID: CORE-2014-0002 Advisory URL:...

Oracle VM VirtualBox - 3D Acceleration Multiple Vulnerabilities

Oracle VM VirtualBox - 3D Acceleration Multiple Vulnerabilities Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities 1. Advisory Information Title: Oracle VirtualBox 3D Acceleration Multiple Memory...

Oracle VM VirtualBox - 3D Acceleration Multiple Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities 1. Advisory Information Title: Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities Advisory ID: CORE-2014-0002 Advisory URL:...

Oracle VirtualBox 3D Acceleration Memory Corruption Vulnerability

Core Security Technologies Advisory - Multiple memory corruption vulnerabilities have been found in the code that implements 3D Acceleration for OpenGL graphics in Oracle VirtualBox. These vulnerabilities could allow an attacker who is already running code within a Guest OS to escape from the...

Oracle VirtualBox 3D Acceleration Memory Corruption

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities 1. Advisory Information Title: Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities Advisory ID: CORE-2014-0002 Advisory URL:...

Solaris 10 (x86) : 123614-02 (deprecated)

X11 6.6.2x86: OpenGL patch. Date this patch was last updated by Sun : May/30/12 This plugin has been deprecated and either replaced with individual 123614 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on...

Amazon Linux AMI : xorg-x11-server (ALAS-2011-13)

Multiple input sanitization flaws were found in the X.Org GLX OpenGL extension to the X Window System extension. A malicious, authorized client could use these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges. CVE-2010-4818 An input sanitization flaw wa...

Oracle Linux 6 : qt (ELSA-2012-0880)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2012-0880 advisory. - Resolves: bz805433, CVE-2011-3922 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

Debian DSA-2704-1 : mesa - out of bounds access

It was discovered that applications using the mesa library, a free implementation of the OpenGL API, may crash or execute arbitrary code due to an out of bounds memory access in the library. This vulnerability only affects systems with Intel chipsets. The oldstable distribution squeeze is not...