166 matches found
Scientific Linux Security Update : firefox on SL6.x i386/x86_64 (20180515)
This update upgrades Firefox to version 52.8.0 ESR. Security Fixes : - Mozilla: Memory safety bugs fixed in Firefox 60 and Firefox ESR 52.8 CVE-2018-5150 - Mozilla: Backport critical security fixes in Skia CVE-2018-5183 - Mozilla: Use-after-free with SVG animations and clip paths CVE-2018-5154 -...
Microsoft Windows - 'nt!NtQuerySystemInformation (SystemPageFileInformation(Ex))' Kernel 64-bit Stack Memory Disclosure
/ We have discovered that the nt!NtQuerySystemInformation system call invoked with the SystemPageFileInformation 0x12 and SystemPageFileInformationEx 0x90 information classes discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 t...
Windows Kernel 64-bit pool memory disclosure in NtQueryVirtualMemory(MemoryMappedFilenameInformation)(CVE-2018-0894)
We have discovered that the nt!NtQueryVirtualMemory system call invoked with the 2 information class MemoryMappedFilenameInformation discloses portions of uninitialized kernel pool memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 to 10. The output buffer for thi...
389-ds-base: remote Denial of Service (DoS) via search filters in SetUnicodeStringFromUTF_8 in collate.c
An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service...
DEBIAN-CVE-2018-7438
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parseunicodestring function...
UBUNTU-CVE-2018-7438
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parseunicodestring function...
CVE-2018-7438
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parseunicodestring function...
Updated kdebase4-runtime packages fix security vulnerability
A user could sneak an unicode string terminator in the kdesu invocation, which could hide the fact that more commands could be executed CVE-2016-7787...
MGASA-2017-0473 Updated kdebase4-runtime packages fix security vulnerability
A user could sneak an unicode string terminator in the kdesu invocation, which could hide the fact that more commands could be executed CVE-2016-7787...
CVE-2017-16368
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability leads to a stack-based buffer overflow condition in the internal Unicode string...
Stack overflow
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability leads to a stack-based buffer overflow condition in the internal Unicode string...
CVE-2017-16368
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability leads to a stack-based buffer overflow condition in the internal Unicode string...
CVE-2017-11007
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of stack corruption due to buffer overflow of Partition name while converting ascii string to unicode string in function HandleMetaImgFlash...
Stack overflow
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of stack corruption due to buffer overflow of Partition name while converting ascii string to unicode string in function HandleMetaImgFlash...
activesupport Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in activesupport/lib/activesupport/coreext/string/outputsafety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a...
GHSA-9FH3-VH3H-Q4G3 activesupport Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in activesupport/lib/activesupport/coreext/string/outputsafety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting XSS vulnerability in activesupport/lib/activesupport/coreext/string/outputsafety.rb in Ruby on Rails 2.x before 2.3.13, 3.0.x before 3.0.10, and 3.1.x before 3.1.0.rc5 allows remote attackers to inject arbitrary web script or HTML via a malformed Unicode string, related to a...
FLARE Script Series: Querying Dynamic State using the FireEye Labs Query-Oriented Debugger (flare-qdb)
Introduction This post continues the FireEye Labs Advanced Reverse Engineering FLARE script series. Here, we introduce flare-qdb, a command-line utility and Python module based on vivisect for querying and altering dynamic binary state conveniently, iteratively, and at scale. flare-qdb works on...
Debian DLA-761-2 : python-bottle regression update
The update for python-bottle issued as DLA 761-1 would cause a crash if a unicode string was used in a header. Updated packages are now available to correct this issue. For Debian 7 'Wheezy', these problems have been fixed in version 0.10.11-1+deb7u3. We recommend that you upgrade your...
openSUSE Security Update : kde-cli-tools5 (openSUSE-2016-1171)
This update for kde-cli-tools5 fixes the following vulnerability : - CVE-2016-7787: user could sneak an unicode string terminator in the kdesu invocation boo1001916 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...