Joyent SmartOS Hyprlofs FS IOCTL Add Entries Native File System Denial of Service Vulnerability

Summary An exploitable denial of service exists in the the Joylent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES. An attacker can cause a buffer to be allocated and never freed. When repeatedly exploit...

Joyent SmartOS Hyprlofs FS IOCTL Add Entries 32-bit File System Denial of Service Vulnerability

Summary An exploitable denial of service exists in the the Joylent SmartOS OS 20161110T013148Z Hyprlofs file system. The vulnerability is present in the Ioctl system call with the command HYPRLOFSADDENTRIES when used with a 32 bit model. An attacker can cause a buffer to be allocated and never...

CVE-2016-8654

A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected...

DLA-711-1 curl - security update

Bulletin has no description...

Debian Security Advisory DSA 3696-1 (linux - security update)

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2015-8956 It was discovered that missing input sanitising in RFCOMM Bluetooth socket handling may result in denial of service or information leak...

The vulnerability of the Firefox browser, which allows a hacker to trigger a service failure or execute arbitrary code.

The vulnerability of the WebSocketChannel class in the Firefox WebSockets subsystem is caused by a numerical overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code or trigger a service failure memory corruption using specially crafted packets that cause incorrect...

lib32-glibc: denial of service

clntudpcall allocates a buffer, using alloca, to store the payload of an incoming socket error. If a malicious server floods the client with crafted ICMP and UDP packets, this can cause the client to allocate sufficiently many such temporary buffers to cause a stack frame overflow denial of...

Apple OS X IOUSBInterfaceUserClient Elevation of Privilege Vulnerability

Apple OS X is an operating system from Apple. Apple OS X suffers from an elevation of privilege vulnerability. The vulnerability stems from the IOUSBInterfaceUserClient interface failing to ensure that the user provides a buffer allocated within the scope of the claim, allowing a local attacker t...

Comodo - Integer Overlow Leading to Heap Overflow Parsing Composite Documents

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=762 In COleMemFile::LoadDiFatList, values from the header are used to parse the document FAT. If header.csectDif is very high, the calculation overflows and a very small buffer is allocated. The document FAT is then memcpy'd onto t...

Linux Kernel - io_submit L2TP sendmsg Integer Overflow

/ Source: https://code.google.com/p/google-security-research/issues/detail?id=735 In certain kernel versions it is possible to use the AIO subsystem iosubmit syscall to pass size values larger than MAXRWCOUNT to the networking subsystem's sendmsg implementation. In the L2TP PPP sendmsg...

Linux io_submit L2TP sendmsg - Integer Overflow

Exploit for linux platform in category dos / poc / Source: https://code.google.com/p/google-security-research/issues/detail?id=735 In certain kernel versions it is possible to use the AIO subsystem iosubmit syscall to pass size values larger than MAXRWCOUNT to the networking subsystem's sendmsg...

Apple IOS PDF Reader Parsing Memory Corruption (CVE-2014-4377)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

Mozilla Firefox MPEG4 saio Chunk Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

(Pwn2Own) Adobe Reader array_push_slowly Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the arraypushslowly function...

Adobe Reader U3D array boundary code execution (APSB10-02: CVE-2009-3953)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

Unbreakable Enterprise kernel security update

kernel-uek 3.8.13-68.1.3 - isofs: Fix unchecked printing of ER records Jan Kara Orabug: 20930551 CVE-2014-9584 - KEYS: close race between key lookup and freeing Sasha Levin Orabug: 20930548 CVE-2014-9529 CVE-2014-9529 - mm: memcg: do not allow task about to OOM kill to bypass the limit Johannes...

IBM Lotus Domino GIF Integer Truncation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the nrouter.exe component which handles e-mails dispatched from nsmtp.exe listening on port 25...

Adobe Acrobat and Reader Memory Corruption (APSB14-28: CVE-2014-8459)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

Adobe Flash Player and AIR Heap Overflow (APSB14-21; CVE-2014-0559)

A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to an improper buffer allocation while handling specially crafted SWF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

Adobe Acrobat and Reader Memory Corruption (APSB14-15: CVE-2014-0523)

A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...