Autodesk Design Review GIF LZW Out-Of-Bounds Indexing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Autodesk Design Review. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

chromium-browser: integer overflow in angle

Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page...

UBUNTU-CVE-2016-5221

Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page...

CVE-2016-5221

Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page...

CVE-2016-5221

Type confusion in libGLESv2 in ANGLE in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android possibly allowed a remote attacker to bypass buffer validation via a crafted HTML page...

UBUNTU-CVE-2016-2452

codecs/amrnb/dec/SoftAMR.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature ...

CVE-2016-2452

CVE-2016-2452 affects Android mediaserver (libstagefright) — specifically codecs/amrnb/dec/SoftAMR.cpp — where buffer sizes are not properly validated. The issue resides in the AMR-NB decoding path and can allow a local attacker to escalate privileges to Signature or SignatureOrSystem by deliveri...

CVE-2013-3674

The cdgdecodeframe function in cdgraphics.c in libavcodec in FFmpeg before 1.2.1 does not validate the presence of non-header data in a buffer, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash via crafted CD Graphics Video data...

Ubuntu: Security Advisory (USN-433-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2009-1255 · Microsoft · Windows Server 2008 +6

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 2000 SP4 through 2000 SP4, XP SP2 through XP SP3, Server 2003 SP1 through Server 2003 SP2, Vista Gold through Vista SP1, and Server 2008 Description: The issue allows remote attackers to execute arbitrary code via...

PT-2009-05: CA Internet Security Suite Denial of Service Vulnerability

Positive Technologies Research Team has discovered a denial of service DoS vulnerability in CA Internet Security Suite. The IOCTL handler in vetmonnt.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system. Solution Install latest...

PT-2009-01: PGP Desktop Pgpdisk.sys And Pgpwded.sys Multiple Vulnerabilities

Positive Technologies Research Team has discovered several vulnerabilities in PGP Desktop. 1. The IOCTL handler in pgpdisk.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system. Severity Rating : Severity: Medium Impact: Denial of...

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

CVE-2008-3431

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHODNEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \.\VBoxDrv device and...

CVE-2008-3431

CVE-2008-3431 affects Sun xVM VirtualBox on Windows prior to 1.6.4. The VBoxDrv.sys driver handles IOCTLs with METHOD_NEITHER and fails to validate the user-supplied buffer, enabling a local unprivileged user to craft a kernel address and gain kernel privileges by calling DeviceIoControl to the ....

Realtek HD音频Codec驱动（Vista）本地权限提升漏洞

BUGTRAQ ID: 28909 Realtek HD音频Codec驱动是很多Realtek声卡所使用的音频驱动程序。 32位Vista平台上的Realtek HD音频Codec驱动（RTKVHDA.sys）和64位Vista平台上的Realtek HD音频Codec驱动（RTKVHDA64.sys）没有正确地验证用户态缓冲区，本地攻击者可以利用这个漏洞在系统上执行任意内核态指令。 Realtek HD Audio Codec Driver R1.90 Realtek ------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

PT-2008-07: VMware Multiple Products hcmon.sys Denial of Service Vulnerability

Positive Technologies Research Team has discovered denial of service vulnerabilities in VMware products. The IOCTL handler in hcmon.sys does not properly validate buffer data associated with the Irp object, which allows local users with administrative priviligies to crash the system. Solution...

Microsoft Security Bulletin MS07-065 – Important Vulnerability in Message Queuing Could Allow Remote Code Execution (937894)

Microsoft Security Bulletin MS07-065 – Important Vulnerability in Message Queuing Could Allow Remote Code Execution 937894 Published: December 11, 2007 Version: 1.0 General Information Executive Summary This important security update resolves a privately reported vulnerability in Message Queuing...

[Reversemode Advisory] CheckPoint ZoneLabs Vsdatant.sys multiple local privilege escalation vulnerabilities

CHECK POINT ZONE LABS PRODUCTS MULTIPLE LOCAL PRIVILEGE ESCALATION VULNERABILITIES Ruben Santamarta rubenatreversemodedotcom 08.20.2007 Affected Products: ZoneAlarm 7.0.362 Vsdatant.sys is exposed via “.vsdatant”. The permissive ACL allows everyone to invoke privileged IOCTLs implemented in the...