Adobe Flash - MovieClip Attach init Object Use-After-Free

Adobe Flash - MovieClip Attach init Object Use-After-Free Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1006 The attached file causes a use-after-free in attaching a MovieClip and applying the init object. Proof of Concept:...

Adobe Flash - MovieClip Attach init Object Use-After-Free

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1006 The attached file causes a use-after-free in attaching a MovieClip and applying the init object. Proof of Concept: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/41609.zip...

UBUNTU-CVE-2017-5578

Memory leak in the virtiogpuresourceattachbacking function in hw/display/virtio-gpu.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service host memory consumption via a large number of VIRTIOGPUCMDRESOURCEATTACHBACKING commands...

USN-3136-1 lxc vulnerability

Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container...

CVE-2016-8649

lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat family of syscalls...

UBUNTU-CVE-2016-8649

lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat family of syscalls...

DSA-3715-1 moin - security update

Bulletin has no description...

Android debuggerd.cpp elevation of privilege vulnerability

Android is a mobile operating system based on the Linux open kernel, and Debuggerd is one of the system startup process components. An elevation of privilege vulnerability exists in the debuggerd/debuggerd.cpp file in Android Debuggerd, which stems from the program's failure to properly handle th...

CVE-2016-5138

Integer overflow in the kbasepvinstrattachclient function in midgard/malikbasevinstr.c in Google Chrome before 52.0.2743.85 allows remote attackers to cause a denial of service heap-based buffer overflow and use-after-free by leveraging an unrestricted multiplication...

DEBIAN-CVE-2016-3096

The createscript function in the lxccontainer module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on 1 /opt/.lxc-attach-script, 2 the archived container in the archivepath directory, or the 3...

PYSEC-2016-1

The createscript function in the lxccontainer module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on 1 /opt/.lxc-attach-script, 2 the archived container in the archivepath directory, or the 3...

DEBIAN-CVE-2016-2782

The treoattach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by inserting a USB device that lacks a 1 bulk-in or 2...

The vulnerability of the Android operating system, which allows a perpetrator to bypass security measures or obtain confidential information

The vulnerability of the BnGraphicBufferConsumer::onTransact function libs/gui/IGraphicBufferConsumer.cpp in the mediaserver component of the Android operating system exists due to the lack of initialization for certain types of variables. Exploiting this vulnerability could allow a malicious act...

Android mediaserver security bypass vulnerability (CNVD-2016-01673)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA. mediaserver is one of the multimedia service components. The libs/gui/IGraphicBufferConsumer.cpp file in the mediaserver in version 5.x before Android 5.1.1 LMY49H and version 6.x...

CVE-2016-0828

The BnGraphicBufferConsumer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not initialize a certain slot variable, which allows attackers to obtain sensitive information, and consequently bypass an...

UBUNTU-CVE-2016-2782

The treoattach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service NULL pointer dereference and system crash or possibly have unspecified other impact by inserting a USB device that lacks a 1 bulk-in or 2...

Google Chrome DOM Homology Policy Bypass Vulnerability (CNVD-2016-01234)

Google Chrome is a popular web browser. Google Chrome's DOM implementation process fails to properly handle the execution order of frame-attach and frame-detach operations, allowing remote attackers to build specially crafted Web sites to bypass the same-origin policy...

USN-2895-1 oxide-qt vulnerabilities

The DOM implementation in Chromium did not properly restrict frame-attach operations from occurring during or after frame-detach operations. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2016-16...

chromium-browser: same-origin bypass in DOM

The DOM implementation in Google Chrome before 48.0.2564.109 does not properly restrict frame-attach operations from occurring during or after frame-detach operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to FrameLoader.cpp,...

CVE-2016-1623

The DOM implementation in Google Chrome before 48.0.2564.109 does not properly restrict frame-attach operations from occurring during or after frame-detach operations, which allows remote attackers to bypass the Same Origin Policy via a crafted web site, related to FrameLoader.cpp,...