2110 matches found
Critical: Red Hat Security Advisory: samba4 security update
Updated samba4 packages that fix one security issue are now available for Red Hat Enterprise Linux 6.4 and 6.5 Extended Update Support. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution
An uninitialized pointer use flaw was found in the Samba daemon smbd. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd by default, the root user...
samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution
An uninitialized pointer use flaw was found in the Samba daemon smbd. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd by default, the root user...
Critical: Red Hat Security Advisory: samba3x security update
Updated samba3x packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fro...
samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution
An uninitialized pointer use flaw was found in the Samba daemon smbd. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd by default, the root user...
samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution
An uninitialized pointer use flaw was found in the Samba daemon smbd. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd by default, the root user...
samba: talloc free on uninitialized stack pointer in netlogon server could lead to remote-code execution
An uninitialized pointer use flaw was found in the Samba daemon smbd. A malicious Samba client could send specially crafted netlogon packets that, when processed by smbd, could potentially lead to arbitrary code execution with the privileges of the user running smbd by default, the root user...
Critical: Red Hat Security Advisory: samba security update
Updated samba packages that fix one security issue are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from...
samba: arbitrary code execution
A malicious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anonymous netlogon packet could allow execution of arbitrary code. This code would execute with root privileges. This flaw arises because of an uninitialized pointer is passed ...
PolarSSL 'asn1_get_sequence_of' Function Uninitialized Pointer RCE
PolarSSL contains a flaw when parsing ASN.1 sequences from X.509 certificates due to freeing an uninitialized pointer by the function 'asn1getsequenceof' within file 'asn1parse.c'. An unauthenticated, remote attacker, using a specially crafted certificate, can exploit this flaw to cause a denial ...
Null pointer dereference
The exifprocessunicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service uninitialized pointer free and application crash via crafted EXIF data in a JPEG image...
CVE-2015-0232
The exifprocessunicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service uninitialized pointer free and application crash via crafted EXIF data in a JPEG image...
UBUNTU-CVE-2015-0232
The exifprocessunicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute arbitrary code or cause a denial of service uninitialized pointer free and application crash via crafted EXIF data in a JPEG image...
php: remote code execution
CVE-2014-9427 information leak, remote code execution A one-byte file containing only the '' character, not followed by any newline, causes php-cgi to do an out of bound read, potentially disclosing sensitive information present in memory or even triggering code execution if adjacent memory...
polarssl -- Remote attack using crafted certificates
PolarSSL team reports: During the parsing of a ASN.1 sequence, a pointer in the linked list of asn1sequence is not initialized by asn1getsequenceof. In case an error occurs during parsing of the list, a situation is created where the uninitialized pointer is passed to polarsslfree. This sequence...
Internet Bug Bounty: Free called on unitialized pointer in exif.c
This bug was reported directly to php: https://bugs.php.net/bug.php?id=68799 It has been patched in the 5.4, 5.5 and 5.6 branch. 5.4 branch http://git.php.net/?p=php-src.git;a=commit;h=2fc178cf448d8e1b95d1314e47eeef610729e0df 5.5 branch...
MIT Kerberos ASN.1 asn1_decode_generaltime Uninitialized Pointer Reference - Ver2 (CVE-2009-0846)
MIT Kerberos V5 is an implementation of the Kerberos protocol that allows for the negotiation of an authenticated, and optionally encrypted, communication channel between two points on a network. The MIT Kerberos V5 server utilizes the encrypted SUN-RPC protocol to communicate with its remote...
VMWare Workstation / Player DoS
Uninitialized potiner dereference on IOCTL processing...
EnterpriseDB Advanced Server 8.2 Uninitialized Pointer Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25481/info EnterpriseDB Advanced Server is prone to an uninitialized-pointer vulnerability. Authenticated attackers can exploit this issue to cause denial-of-service conditions. Given the nature of this vulnerability,...
Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution
No description provided by source. Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution homepage: http://www.quest.com/intrust/ description: InTrust securely collects, stores, reports and alerts on event log data from Windows, Unix and...