Firefox < 36.0.3 JIT Code Execution (Mac OS X)

The version of Mozilla Firefox installed on the remote Mac OS X host is prior to 36.0.3. It is, therefore, affected by a remote code execution vulnerability due to an out-of-bounds error in typed array bounds checking within 'asmjs/AsmJSValidate.cpp', which relates to just-in-time compilation for...

SeaMonkey < 2.33.1 Multiple Vulnerabilities

The version of Mozilla SeaMonkey installed on the remote host is prior to 2.33.1. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists due to an out-of-bounds error in typed array bounds checking within 'asmjs/AsmJSValidate.cpp', which relates to...

USN-2538-1 firefox vulnerabilities

A flaw was discovered in the implementation of typed array bounds checking in the Javascript just-in-time compilation. If a user were tricked in to opening a specially crafted website, an attacked could exploit this to execute arbitrary code with the privileges of the user invoking Firefox...

Microsoft Internet Explorer CSS Out-Of-Bounds Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Ubuntu: Security Advisory (USN-1423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-1418-1: GnuTLS vulnerabilities

Alban Crequy discovered that the GnuTLS library incorrectly checked array bounds when copying TLS session data. A remote attacker could crash a client application, leading to a denial of service, as the client application prepared for TLS session resumption. CVE-2011-4128 Matthew Hall discovered...

Debian DSA-2357-1 : evince - several vulnerabilities

Jon Larimer from IBM X-Force Advanced Research discovered multiple vulnerabilities in the DVI backend of the Evince document viewer : - CVE-2010-2640 Insufficient array bounds checks in the PK fonts parser could lead to function pointer overwrite, causing arbitrary code execution. - CVE-2010-2641...

Microsoft Internet Explorer Select Element Insufficient Type Checking Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer 8. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within ho...

RealNetworks RealPlayer Malformed IVR Object Index Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when parsing a RealMed...

[SECURITY] [DSA 1646-2] New squid packages fix array bounds check

------------------------------------------------------------------------ Debian Security Advisory DSA-1646-2 [email protected] http://www.debian.org/security/ Devin Carraway October 11, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1646-2] New squid packages fix array bounds check

------------------------------------------------------------------------ Debian Security Advisory DSA-1646-2 [email protected] http://www.debian.org/security/ Devin Carraway October 11, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA-1646-1] New squid packages fix array bounds check

------------------------------------------------------------------------ Debian Security Advisory DSA-1646-1 [email protected] http://www.debian.org/security/ Devin Carraway October 07, 2008 http://www.debian.org/security/faq -...

[SECURITY] [DSA-1646-1] New squid packages fix array bounds check

------------------------------------------------------------------------ Debian Security Advisory DSA-1646-1 [email protected] http://www.debian.org/security/ Devin Carraway October 07, 2008 http://www.debian.org/security/faq -...

Debian DSA-1646-1 : squid - array bounds check

A weakness has been discovered in squid, a caching proxy server. The flaw was introduced upstream in response to CVE-2007-6239, and announced by Debian in DSA-1482-1. The flaw involves an over-aggressive bounds check on an array resize, and could be exploited by an authorized client to induce a...

DSA-1646-2 squid - array bounds check

Bulletin has no description...

Buffer overflow principle analysis and protection-vulnerability warning-the black bar safety net

【Abstract】this article from the programming language itself of the defect,is not robust to the perspective,a detailed analysis of buffer overflow attacks the basic principles,describes hackers exploit buffer vulnerabilities system attacks the General process,finally and briefly discussed several...

security flaw

The rosertioctl function in roseroute.c for Radionet Open Source Environment ROSE in Linux 2.6 kernels before 2.6.12, and 2.4 before 2.4.29, does not properly verify the ndigis argument for a new route, which allows attackers to trigger array out-of-bounds errors with a large number of digipeats...