340 matches found
CVE-2014-9411
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection...
CVE-2016-10344
CVE-2016-10344 affects Qualcomm components in Android CAF builds using the Linux kernel, where an out-of-range pointer offset in LTE could be exploited. The entry lists a high-severity impact (CVSS v3 base score 9.8, CRITICAL) with attack vector Network and no user interaction, but the provided d...
CVE-2014-9411
In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection...
Null pointer dereference
In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist...
CVE-2014-9929
In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist...
CVE-2014-9929
In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist...
CVE-2014-9929
CVE-2014-9929 refers to a Use of Out-of-range Pointer Offset vulnerability in WCDMA for Android CAF builds using the Linux kernel. Public entries describe the root cause as an out-of-range pointer offset (with at least one linked source labeling the issue as a Null pointer dereference). The vulne...
CVE-2015-9002
This CVE concerns Google Android TrustZone, where a DRM routine in the TrustZone DRM path can suffer an out-of-range pointer offset (integer overflow) vulnerability. Connected CNVD entry explicitly states an integer overflow in the TrustZone DRM routine exists on Android, and that an attacker cou...
CVE-2014-9929
In WCDMA in all Android releases from CAF using the Linux kernel, a Use of Out-of-range Pointer Offset vulnerability could potentially exist...
Adobe Shockwave Player <= 11.5.7.609 (APSB10-20) (Mac OS X)
The remote Mac OS X host contains a version of Adobe Shockwave Player that is 11.5.7.609 or earlier. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist that allow arbitrary code execution. CVE-2010-2863, CVE-2010-2864, CVE-2010-2866, CVE-2010-2869,...
VulnCheck KEV: CVE-2009-3129
Microsoft Office Excel allows remote attackers to execute arbitrary code via a spreadsheet with a FEATHEADER record containing an invalid cbHdrData size element that affects a pointer offset...
Memory corruption
The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset...
CVE-2010-4189
The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie containing a GIF image with a crafted global color table size value, which causes an out-of-range pointer offset...
VulnCheck KEV: CVE-2010-3653
The Director module dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited...
Microsoft Excel - Malformed FEATHEADER Record (MS09-067) (Metasploit)
$Id: ms09067excelfeatheader.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CVE-2010-2867
DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted movie, related to a...
Null pointer dereference
DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return value associated with the rcsL chunk in a Director movie, which allows remote attackers to cause a denial of service heap memory corruption or execute arbitrary code via a crafted movie, related to a...
Shockwave Player < 11.5.8.612
The remote Windows host contains a version of Adobe's Shockwave Player that is earlier than 11.5.8.612. Such versions are potentially affected by the following issues : - Multiple memory corruption issues exist that could lead to arbitrary code execution. CVE-2010-2863, CVE-2010-2864,...
MS09-067 Microsoft Excel Malformed FEATHEADER Record Vulnerability
This module exploits a vulnerability in the handling of the FEATHEADER record by Microsoft Excel. Revisions of Office XP and later prior to the release of the MS09-067 bulletin are vulnerable. When processing a FEATHEADER Shared Feature record, Microsoft used a data structure from the file to...
Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious spreadsheet. The specific flaw exists in the handling of Shared Feature...