111 matches found
DEBIAN-CVE-2018-11743
The initcopy function in kernel.c in mruby 1.4.1 makes initializecopy calls for TTICLASS objects, which allows attackers to cause a denial of service mrbhashkeys uninitialized pointer and application crash or possibly have unspecified other impact...
Microsoft Edge Chakra JIT - Escape Analysis Bug Exploit
Exploit for windows platform in category dos / poc / Escape analysis: https://en.wikipedia.org/wiki/Escapeanalysis Chakra fails to detect if "tmp" escapes the scope, allocates it to the stack. This may lead to dereference uninitialized stack values. PoC: / function opt let tmp = ; tmp0 = tmp;...
Microsoft Edge Chakra - StackScriptFunction::BoxState::Box Accesses to Uninitialized Pointers (Denial of Service)
Microsoft Edge Chakra - StackScriptFunction::BoxState::Box Accesses to Uninitialized Pointers Denial of Service / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1338 Here's a snippet of the method that interprets a javascript function's bytecode. Js::Var...
Microsoft Edge Chakra - 'StackScriptFunction::BoxState::Box' Accesses to Uninitialized Pointers (Denial of Service)
/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1338 Here's a snippet of the method that interprets a javascript function's bytecode. Js::Var Js::InterpreterStackFrame::INTERPRETERLOOPNAME PROBESTACKscriptContext, Js::Constants::MinStackInterpreter; closureInitDone...
Microsoft Edge Chakra StackScriptFunction::BoxState::Box Uninitialized Pointers Exploit
Exploit for windows platform in category dos / poc Microsoft Edge: Chakra: Accesses to uninitialized pointers in StackScriptFunction::BoxState::Box CVE-2017-11809 Here's a snippet of the method that interprets a javascript function's bytecode. Js::Var Js::InterpreterStackFrame::INTERPRETERLOOPNAM...
Microsoft Edge Chakra StackScriptFunction::BoxState::Box Uninitialized Pointers
Microsoft Edge: Chakra: Accesses to uninitialized pointers in StackScriptFunction::BoxState::Box CVE-2017-11809 Here's a snippet of the method that interprets a javascript function's bytecode. Js::Var Js::InterpreterStackFrame::INTERPRETERLOOPNAME PROBESTACKscriptContext,...
Autodesk FBX-SDK Security Bypass Vulnerability
Autodesk FBX-SDK is a free software development platform and API toolkit for C++ from Autodesk. A security vulnerability exists in Autodesk FBX-SDK 2017.0 and earlier versions. An attacker can exploit the vulnerability to gain access to uninitialized pointers...
CVE-2016-9305
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers...
CVE-2016-9305
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers...
Input validation
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers...
CVE-2016-9305
The CVE 2016-9305 entry concerns Autodesk FBX-SDK prior to 2017.1 where improper handling of type mismatches and deleted objects while reading/converting malformed FBX files can lead to access to uninitialized pointers. This vulnerability is described across multiple sources (including CNVD and N...
CVE-2016-9305
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers...
Chrony Memory Corruption Vulnerability
Chrony is a tool for computer time synchronization that implements the NTP protocol and can be used as both a client-side and a server-side program, which is particularly suitable for maintaining computer time accuracy in environments without network connectivity. Chrony has uninitialized pointer...
Microsoft Office multiple security vulnerabilities
Memory corruptions, index overflows, use-after-free, uninitialized pointers...
Medium: libX11, libXcursor, libXfixes, libXi, libXrandr, libXrender, libXres, libXt, libXv, libXvMC, libXxf86dga, libXxf86vm, libdmx, xorg-x11-proto-devel
Issue Overview: Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol data to an X11 server via a malicious X11 client could use either of these flaws t...
libXt: Memory corruption due to unchecked use of unchecked function pointers
A flaw was found in the way the X.Org X11 libXt runtime library used uninitialized pointers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client...
Several vulnerabilities found in IcedTea-Web
The IcedTea project team reports: CVE-2012-3422: Use of uninitialized instance pointers An uninitialized pointer use flaw was found in IcedTea-Web web browser plugin. A malicious web page could use this flaw make IcedTea-Web browser plugin pass invalid pointer to a web browser. Depending on the...
IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Rational Rhapsody. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within BB FlashBa...
kernel: uninit op in SOCKOPS_WRAP() leads to privesc
The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in protoops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on...
Linux kernel uninitialized pointers
protoops structure uninitialized pointers...