605 matches found
CVE-2016-4333
The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...
UBUNTU-CVE-2016-4333
The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...
CVE-2016-4333
The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the...
The vulnerability of Google Chrome browser allows a malicious actor to trigger a service failure.
The Google Chrome browser contains a vulnerability related to incorrect numerical transformations when processing typed arrays. Exploiting this vulnerability allows malicious actors to cause service interruptions access to the array beyond its boundaries or otherwise affect the system by using...
(Pwn2Own) Microsoft Edge JavaScript fill Out-Of-Bounds Access Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementatio...
Apple OS X IOAcceleratorFamily2 Out-Of-Bounds Indexing Privilege Escalation Vulnerability
This vulnerability allows local attackers to elevate privileges on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the IOAcceleratorFamily2 interface. The issue lies i...
SAP 3D Visual Enterprise Viewer JPEG2000 Out-Of-Bounds Indexing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
SuSE 11.3 Security Update : Mozilla Firefox (SAT Patch Number 10524)
Mozilla Firefox was updated to the 31.5.3ESR release to fix two security vulnerabilities : - Security researcher ilxu1a reported, through HP Zero Day Initiative's Pwn2Own contest, a flaw in Mozilla's implementation of typed array bounds checking in JavaScript just-in-time compilation JIT and its...
SeaMonkey < 2.33.1 Multiple Vulnerabilities
The version of Mozilla SeaMonkey installed on the remote host is prior to 2.33.1. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists due to an out-of-bounds error in typed array bounds checking within 'asmjs/AsmJSValidate.cpp', which relates to...
Firefox < 36.0.3 JIT Code Execution (Mac OS X)
The version of Mozilla Firefox installed on the remote Mac OS X host is prior to 36.0.3. It is, therefore, affected by a remote code execution vulnerability due to an out-of-bounds error in typed array bounds checking within 'asmjs/AsmJSValidate.cpp', which relates to just-in-time compilation for...
USN-2538-1 firefox vulnerabilities
A flaw was discovered in the implementation of typed array bounds checking in the Javascript just-in-time compilation. If a user were tricked in to opening a specially crafted website, an attacked could exploit this to execute arbitrary code with the privileges of the user invoking Firefox...
Microsoft Internet Explorer CSS Out-Of-Bounds Indexing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Ubuntu: Security Advisory (USN-1423-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1418-1: GnuTLS vulnerabilities
Alban Crequy discovered that the GnuTLS library incorrectly checked array bounds when copying TLS session data. A remote attacker could crash a client application, leading to a denial of service, as the client application prepared for TLS session resumption. CVE-2011-4128 Matthew Hall discovered...
Debian DSA-2357-1 : evince - several vulnerabilities
Jon Larimer from IBM X-Force Advanced Research discovered multiple vulnerabilities in the DVI backend of the Evince document viewer : - CVE-2010-2640 Insufficient array bounds checks in the PK fonts parser could lead to function pointer overwrite, causing arbitrary code execution. - CVE-2010-2641...
Microsoft Internet Explorer Select Element Insufficient Type Checking Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer 8. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ho...
RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when parsing a RealMed...
[SECURITY] [DSA 1646-2] New squid packages fix array bounds check
------------------------------------------------------------------------ Debian Security Advisory DSA-1646-2 [email protected] http://www.debian.org/security/ Devin Carraway October 11, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1646-2] New squid packages fix array bounds check
------------------------------------------------------------------------ Debian Security Advisory DSA-1646-2 [email protected] http://www.debian.org/security/ Devin Carraway October 11, 2008 http://www.debian.org/security/faq -...
[SECURITY] [DSA-1646-1] New squid packages fix array bounds check
------------------------------------------------------------------------ Debian Security Advisory DSA-1646-1 [email protected] http://www.debian.org/security/ Devin Carraway October 07, 2008 http://www.debian.org/security/faq -...