EUVD-2011-1422

Malware in sbrugna...

SUSE CVE-2011-1290

Integer overflow in WebKit, as used on the Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets,...

SUSE CVE-2011-1344

Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 CDMA; and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag,...

Debian DSA-2192-1 : chromium-browser - several vulnerabilities

Several vulnerabilities were discovered in the Chromium browser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2011-0779 Google Chrome before 9.0.597.84 does not properly handle a missing key in an extension, which allows remote attackers to cause a...

Integer overflow

Integer overflow in WebKit, as used on the Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246, in Google Chrome before 10.0.648.133, and in Apple Safari before 5.0.5, allows remote attackers to execute arbitrary code via unknown vectors related to CSS "style handling," nodesets,...

CVE-2011-1416

The Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011...

CVE-2011-1416

The Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011...

Design/Logic Flaw

The Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011...

CVE-2011-1416

The Research In Motion RIM BlackBerry Torch 9800 with firmware 6.0.0.246 allows attackers to read the contents of memory locations via unknown vectors, as demonstrated by Vincenzo Iozzo, Willem Pinckaers, and Ralf-Philipp Weinmann during a Pwn2Own competition at CanSecWest 2011...

CVE-2011-1417

CVE-2011-1417 is an integer overflow in QuickLook as used by macOS and iOS when handling Microsoft Word/OfficeArtMetafileHeader data, enabling remote code execution or memory corruption with crafted Office documents and potentially causing application crashes. The vulnerability was demonstrated i...

CVE-2011-1416

CVE-2011-1416 pertains to the RIM BlackBerry Torch 9800 with firmware 6.0.0.246, where an attacker could read memory contents via unknown vectors. The linked sources reference a Pwn2Own/CanSecWest 2011 demonstration by Iozzo, Pinckaers, and Weinmann. The vulnerability affects memory disclosure wi...

CVE-2011-1345

Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, as demonstrated by Stephen Fewer as the first of three chained vulnerabilities...

CVE-2011-1347

Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as demonstrated by Stephen Fewer as the third of three chained vulnerabilities during a Pwn2Own...

Design/Logic Flaw

Use-after-free vulnerability in WebKit, as used in Apple Safari before 5.0.5; iOS before 4.3.2 for iPhone, iPod, and iPad; iOS before 4.2.7 for iPhone 4 CDMA; and possibly other products allows remote attackers to execute arbitrary code by adding children to a WBR tag and then removing the tag,...

Design/Logic Flaw

Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to bypass Protected Mode and create arbitrary files by leveraging access to a Low integrity process, as demonstrated by Stephen Fewer as the third of three chained vulnerabilities during a Pwn2Own...

Memory corruption

Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, as demonstrated by Stephen Fewer as the first of three chained vulnerabilities...

CVE-2011-1346

CVE-2011-1346 : In Microsoft Internet Explorer 8 on Windows 7, an uninitialized variable information leak in IE (when creating a new Option element) can disclose memory layout, potentially defeating ASLR and aiding remote code execution as part of the Pwn2Own 2011 chain. Exploitation requires vis...

CVE-2011-1347

Microsoft Internet Explorer 8 on Windows 7 is affected by a Protected Mode bypass vulnerability (CVE-2011-1347) that allowed an attacker to create arbitrary files by leveraging access to a Low integrity process, demonstrated during Pwn2Own 2011 by Stephen Fewer as the third of three chained vulne...