667 matches found
CVE-2016-7867
CVE-2016-7867 affects Adobe Flash Player before 24.0.0.186 (Linux/NPAPI legacy and Windows/ActiveX contexts in multiple advisories). The vulnerability is a buffer overflow/underflow in the RegExp class related to bookmarking in searches, leading to arbitrary code execution when exploited. Arch Li...
CVE-2016-7868
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2016-7869
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution...
flash-plugin: multiple code execution issues fixed in APSB16-39
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2016-7870
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class for specific search strategies. Successful exploitation could lead to arbitrary code execution...
CVE-2016-7867
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to bookmarking in searches. Successful exploitation could lead to arbitrary code execution...
CVE-2016-7868
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to alternation functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2016-7869
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable buffer overflow / underflow vulnerability in the RegExp class related to backtrack search functionality. Successful exploitation could lead to arbitrary code execution...
Adobe Flash Player RegExp THEN Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
PT-2016-2960 · Adobe +3 · Flash Player +3
Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 23.0.0.207 and earlier Adobe Flash Player versions 11.2.202.644 and earlier Description: The issue is caused by a buffer boundary violation in the RegExp class of the Flash Player platform. Exploitation of this iss...
Adobe Flash Player RegExp PRUNE Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Adobe Flash Player RegExp MARK Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
[SECURITY] Fedora 25 Update: tre-0.8.0-18.20140228gitc2f5d13.fc25
TRE is a lightweight, robust, and efficient POSIX compatible regexp matching library with some exciting features such as approximate matching...
[SECURITY] Fedora 23 Update: tre-0.8.0-18.20140228gitc2f5d13.fc23
TRE is a lightweight, robust, and efficient POSIX compatible regexp matching library with some exciting features such as approximate matching...
VBScript 5.8.7600.16385/5.8.9600.16384 - RegExpComp::PnodeParse Out-of-Bounds Read
!-- Source: http://blog.skylined.nl/20161108001.html Synopsis A specially crafted script can cause the VBScript engine to read data beyond a memory block for use as a regular expression. An attacker that is able to run such a script in any application that embeds the VBScript engine may be able t...
UBUNTU-CVE-2016-7506
An out-of-bounds read vulnerability was observed in Spreplaceregexp function of Artifex Software, Inc. MuJS before 5000749f5afe3b956fc916e407309de840997f4a. A successful exploitation of this issue can lead to code execution or denial of service condition...
openSUSE Security Update : glibc (openSUSE-2016-1149)
This update for glibc fixes the following issues : Security issues fixed : - arm: mark startcontext as .cantunwind CVE-2016-6323, boo994359, BZ 20435 Bugs fixed : - aarch64: Merge localmultiplethreads offset with memory reference - Fix memory leak in regexp compiler BZ 17069 - Provide correct...
FreeBSD : phpmyadmin -- multiple vulnerabilities (ef70b201-645d-11e6-9cdc-6805ca0b3d42)
The phpmyadmin development team reports : Weakness with cookie encryption Multiple XSS vulnerabilities Multiple XSS vulnerabilities PHP code injection Full path disclosure SQL injection attack Local file exposure Local file exposure through symlinks with UploadDir Path traversal with SaveDir and...
F5 Networks BIG-IP : Multiple PCRE vulnerabilities (K20225390)
CVE-2015-8395 PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, a related issue to...
V8 browser kernel vulnerability, which allows a hacker to trigger a service failure
The vulnerability of the regexp implementation in the V8 browser kernel is related to incorrect handling of string lengths. Exploiting this vulnerability can allow an attacker, operating remotely, to trigger a service failure memory overflow, by using specially crafted JavaScript code...