585 matches found
Debian Security Advisory DSA 3696-1 (linux - security update)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-8956 It was discovered that missing input sanitising in RFCOMM Bluetooth socket handling may result in denial of service or information leak...
lib32-glibc: denial of service
clntudpcall allocates a buffer, using alloca, to store the payload of an incoming socket error. If a malicious server floods the client with crafted ICMP and UDP packets, this can cause the client to allocate sufficiently many such temporary buffers to cause a stack frame overflow denial of...
Apple OS X IOUSBInterfaceUserClient Elevation of Privilege Vulnerability
Apple OS X is an operating system from Apple. Apple OS X suffers from an elevation of privilege vulnerability. The vulnerability stems from the IOUSBInterfaceUserClient interface failing to ensure that the user provides a buffer allocated within the scope of the claim, allowing a local attacker t...
Comodo - Integer Overlow Leading to Heap Overflow Parsing Composite Documents
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=762 In COleMemFile::LoadDiFatList, values from the header are used to parse the document FAT. If header.csectDif is very high, the calculation overflows and a very small buffer is allocated. The document FAT is then memcpy'd onto t...
Linux Kernel - io_submit L2TP sendmsg Integer Overflow
/ Source: https://code.google.com/p/google-security-research/issues/detail?id=735 In certain kernel versions it is possible to use the AIO subsystem iosubmit syscall to pass size values larger than MAXRWCOUNT to the networking subsystem's sendmsg implementation. In the L2TP PPP sendmsg...
Linux io_submit L2TP sendmsg - Integer Overflow
Exploit for linux platform in category dos / poc / Source: https://code.google.com/p/google-security-research/issues/detail?id=735 In certain kernel versions it is possible to use the AIO subsystem iosubmit syscall to pass size values larger than MAXRWCOUNT to the networking subsystem's sendmsg...
Apple IOS PDF Reader Parsing Memory Corruption (CVE-2014-4377)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Mozilla Firefox MPEG4 saio Chunk Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
(Pwn2Own) Adobe Reader array_push_slowly Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the arraypushslowly function...
Adobe Reader U3D array boundary code execution (APSB10-02: CVE-2009-3953)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Unbreakable Enterprise kernel security update
kernel-uek 3.8.13-68.1.3 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930551 CVE-2014-9584 - KEYS: close race between key lookup and freeing Sasha Levin Orabug: 20930548 CVE-2014-9529 CVE-2014-9529 - mm: memcg: do not allow task about to OOM kill to bypass the limit Johannes...
IBM Lotus Domino GIF Integer Truncation Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the nrouter.exe component which handles e-mails dispatched from nsmtp.exe listening on port 25...
Adobe Acrobat and Reader Memory Corruption (APSB14-28: CVE-2014-8459)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Flash Player and AIR Heap Overflow (APSB14-21; CVE-2014-0559)
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an improper buffer allocation while handling specially crafted SWF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...
Adobe Acrobat and Reader Memory Corruption (APSB14-15: CVE-2014-0523)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Kroum Grigorov KpyM Telnet Server 1.0 - Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9379/info KpyM Telnet Server has been reported to be prone to a remote denial of service vulnerability. Due to a lack of resource limitations, a remote attacker may negotiate multiple connections to the affected server...
OpenBSD 3.3 Semget() Integer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/8464/info A vulnerability has been discovered in the OpenBSD semget system call. The problem occurs due to insufficient sanity checks before allocating memory using the user-supplied nsems value as an argument. As a resul...
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6.3 Extended Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which gi...
Adobe Acrobat and Reader Memory Corruption (APSB14-15: CVE-2014-0526)
A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...
Adobe Acrobat and Reader Buffer Overflow (APSB14-15; CVE-2014-0511)
A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...