68 matches found
CVE-2019-12678
A vulnerability in the Session Initiation Protocol SIP inspection module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The...
CVE-2017-2618
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty null write to this file can crash the system by causing the system to attempt to access unmapped kernel memory...
The Sleuth Kit Buffer Overflow Vulnerability (CNVD-2018-14708)
The Sleuth Kit TSK is a collection of data forensic tools developed by software developer Brian Carrier. The tools are able to analyze file systems such as FAT, NTFS, UFS, etc. and provide detailed information about the file system, including deleted data. A buffer overflow vulnerability exists i...
The Sleuth Kit Buffer Overflow Vulnerability (CNVD-2018-14707)
The Sleuth Kit TSK is a collection of data forensic tools developed by software developer Brian Carrier. The tools are able to analyze file systems such as FAT, NTFS, UFS, etc. and provide detailed information about the file system, including deleted data. A buffer overflow vulnerability exists i...
UBUNTU-CVE-2018-11740
An issue was discovered in libtskbase.a in The Sleuth Kit TSK from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tskUTF16toUTF8 in tsk/base/tskunicode.c which could be leveraged by an attacker to disclose information or manipulated to read from...
Out-of-bounds
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service...
UBUNTU-CVE-2018-11697
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service...
kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty null write to this file can crash the system by causing the system to attempt to access unmapped kernel memory...
kernel: Off-by-one error in selinux_setprocattr (/proc/self/attr/fscreate)
A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty null write to this file can crash the system by causing the system to attempt to access unmapped kernel memory...
Vulnerability of Adobe Reader software, which allows a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The vulnerability exists in the Adobe Reader API due to the access to unmaped memory. Exploiting this vulnerability allows attackers to execute arbitrary code by using API calls...
The vulnerabilities in Acrobat software allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability exists in the Acrobat API due to the access to unmaped memory. Exploiting this vulnerability allows attackers to execute arbitrary code by using API calls...
wild copy-exploits-vulnerability warning-the black bar safety net
0x00 Preface This is Project Zero on the articles, the original text of the Taming the wild copy: Parallel Thread Corruption of Links: http://googleprojectzero.blogspot.com/2015/03/taming-wild-copy-parallel-thread.html 2 0 0 2 year, Apache Web serverfound and fixed a very fun bug. The server...
Adobe Flash Player Memory Corruption (APSB14-24: CVE-2014-8441)
A memory corruption vulnerability has been reported in Adobe Flash Player. Successful exploitation of this vulnerability may allow the attacker to access unmapped memory on the target system...
Adobe Acrobat and Reader API Calls Code Execution (APSB14-15; CVE-2014-0525)
A remote code execution vulnerability has been reported in Adobe Acrobat and Reader. The vulnerability is due to the way Reader handles certain API calls to unmapped memory that could lead to code execution. A remote attacker can exploit this issue by enticing a target user to open a specially...
Code injection
The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls...
SuSE Update for MozillaThunderbird openSUSE-SU-2013:1141-1 (MozillaThunderbird)
Check for the Version of MozillaThunderbird OpenVAS Vulnerability Test $Id: gbsuse201311411.nasl 8542 2018-01-26 06:57:28Z teissa $ SuSE Update for MozillaThunderbird openSUSE-SU-2013:1141-1 MozillaThunderbird Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH,...
MozillaFirefox: Update to Firefox 22.0 release (important)
MozillaFirefox was updated to Firefox 22.0 bnc825935 Following security issues were fixed: MFSA 2013-49/CVE-2013-1682/CVE-2013-1683 Miscellaneous memory safety hazards MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686 Memory corruption found using Address Sanitizer MFSA 2013-51/CVE-2013-1687...
CVE-2013-1690
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service application crash or...
Mozilla: Execution of unmapped memory through onreadystatechange event (MFSA 2013-53)
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service application crash or...
Mozilla: Execution of unmapped memory through onreadystatechange event (MFSA 2013-53)
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service application crash or...