CVE-2007-5341

Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8...

CVE-2007-5341

CVE-2007-5341 (Firefox Venkman RCE) : The connected documents confirm a remote code execution vulnerability in the Venkman script debugger of Mozilla Firefox, affecting versions before 2.0.0.8. They identify the affected component and vulnerable version but do not provide the underlying root caus...

Microsoft Edge Chakra - Heap Buffer Overflow Exploit

Exploit for windows platform in category dos / poc IsCoroutine ... else InterpreterStackFrame::Setup setupfunction, args; sizet varAllocCount = setup.GetAllocationVarCount; //printf"varAllocCount: %d%X\r\n", varAllocCount, varAllocCount; sizet varSizeInBytes = varAllocCount sizeofVar; // //...

The vulnerability of the Mercurial version control software lies in its lack of access control mechanisms, allowing attackers to execute arbitrary code.

The vulnerability of the Mercurial version control software is related to deficiencies in access control using the command-line parameter “hg serve --stdio”. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using a Python debugger, by replacing the...

[SECURITY] Fedora 25 Update: seamonkey-2.48-1.fc25

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

[SECURITY] Fedora 26 Update: seamonkey-2.48-1.fc26

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

[SECURITY] Fedora 26 Update: ocaml-4.04.0-10.fc26

OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package comprises two batch compilers a fast bytecode compiler and an optimizing native-code compiler, an interactive toplevel system, parsing tools Lex,Yacc, a replay...

CVE-2017-10734

IrfanView version 4.44 32bit might allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .rle file, related to an "Invalid Handle starting at wow64!Wow64NotifyDebugger+0x000000000000001d."...

The vulnerability of the Linux operating system’s kernel debugger FIQ allows a hacker to execute arbitrary code.

The vulnerability of the Linux operating system’s kernel debugger FIQ is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to enhance their privileges and execute arbitrary code in the kernel context, using a local malicious application...

[SECURITY] [DLA 1005-1] mercurial security update

Package : mercurial Version : 2.2.2-4+deb7u4 CVE ID : CVE-2017-9462 Debian Bug : 861243 In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. For Debian 7...

CVE-2017-9778

GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB...

Updated mercurial packages fix security vulnerability

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name...

MGASA-2017-0182 Updated mercurial packages fix security vulnerability

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name...

Microsoft Windows - 'win32k!ClientPrinterThunk' Kernel Stack Memory Disclosure

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1186 We have discovered that it is possible to disclose portions of uninitialized kernel stack memory to user-mode applications in Windows 7 other platforms untested indirectly through the win32k!NtGdiOpenDCW system call. The...

Microsoft Windows - nt!NtQueryInformationJobObject (BasicLimitInformation_ ExtendedLimitInformation) Kernel Stack Memory Disclosure

Microsoft Windows - nt!NtQueryInformationJobObject BasicLimitInformation ExtendedLimitInformation Kernel Stack Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1189&desc=2 We have discovered that the nt!NtQueryInformationJobObject system call corresponding to...

GNU Debugger Denial of Service Vulnerability

GNU Debugger GDB is a powerful debugger for debugging C and C++ programs. A security vulnerability exists in GDB 8.0 and earlier versions, which stems from the program's failure to detect an invalid FDE packet header. An attacker can exploit the vulnerability to exhaust the virtual memory of the...

CVE-2017-9778

GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB...

CVE-2017-9778

GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB...

Design/Logic Flaw

GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB...

UBUNTU-CVE-2017-9778

GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB...