[SECURITY] Fedora 22 Update: seamonkey-2.33.1-1.fc22

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash (PoC)

Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash PoC Exploit Title: Buffer Overflow in Oracle� Hyperion Smart View for Office DOS Exploit Author: sajith Vendor Homepage: http://oracle.com vulnerable Version: Fusion Edition 11.1.2.3.000 Build 157 Vulnerable Link:...

From zero to start to learn the Win32 platform buffer overflow（Part1）-bug warning-the black bar safety net

Buffer overflow is a common and we often heard of software security vulnerabilities, buffer overflow, i.e. that the data is too much to write into the memory or buffer, when a buffer within the write data is full, if you continue to write data, the data will overflow into other buffer, it will...

[SECURITY] Fedora 20 Update: seamonkey-2.33.1-1.fc20

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

M.I.T. Researchers Debut Integer Overflow Debugger

Students from M.I.T. have devised a new and more efficient way to scour raw code for integer overflows, the troublesome programming bugs that serve as a popular exploit vector for attackers and often lead to the crashing of systems. Researchers from the school’s Computer Science and Artificial...

[SECURITY] Fedora 21 Update: seamonkey-2.33-1.fc21

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

Fedora 20 : libuv-0.10.34-1.fc20 / nodejs-0.10.36-3.fc20 / v8-3.14.5.10-17.fc20 (2015-2310)

nodejs - tls: re-add 1024-bit SSL certs removed by f9456a2 Chris Dickinson - timers: don't close interval timers when unrefd Julien Gilli - timers: don't mutate unref list while iterating it Julien Gilli - childprocess: check execFile args is an array Sam Roberts - childprocess: check fork args i...

UBUNTU-CVE-2015-1226

The DebuggerFunction::InitAgentHost function in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 41.0.2272.76 does not properly restrict what URLs are available as debugger targets, which allows remote attackers to bypass intended access restrictions via a crafted extension...

Design/Logic Flaw

The DebuggerFunction::InitAgentHost function in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 41.0.2272.76 does not properly restrict what URLs are available as debugger targets, which allows remote attackers to bypass intended access restrictions via a crafted extension...

Google Chrome Access Bypass Vulnerability

Google Chrome is a web browsing tool developed by Google. The use of the DebuggerFunction::InitAgentHost function in browser/extensions/api/debugger/debuggerapi.cc in versions of Google Chrome prior to 41.0.2272.76 fails to properly restrict the debugging targets that can be used as the URLs,...

chromium-browser: Validation issue in debugger

The DebuggerFunction::InitAgentHost function in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 41.0.2272.76 does not properly restrict what URLs are available as debugger targets, which allows remote attackers to bypass intended access restrictions via a crafted extension...

FreeBSD : chromium -- multiple vulnerabilities (8505e013-c2b3-11e4-875d-000c6e25e3e9)

Chrome Releases reports : 51 security fixes in this release, including : - 456516 High CVE-2015-1212: Out-of-bounds write in media. Credit to anonymous. - 448423 High CVE-2015-1213: Out-of-bounds write in skia filters. Credit to cloudfuzzer. - 445810 High CVE-2015-1214: Out-of-bounds write in ski...

chromium: multiple issues

CVE-2015-1212: Out-of-bounds write in media. - CVE-2015-1213, CVE-2015-1214, CVE-2015-1215: Out-of-bounds write in skia filters. - CVE-2015-1216: Use-after-free in v8 bindings. - CVE-2015-1217: Type confusion in v8 bindings. - CVE-2015-1218: Use-after-free in dom. - CVE-2015-1219: Integer...

Google Chrome < 41.0.2272.76 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 41.0.2272.76. It is, therefore, affected by multiple vulnerabilities as referenced in the 201503stable-channel-update advisory. - Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 41 to the stable channel for Windows, Mac and Linux. Chrome 41.0.2272.76 contains a number of fixes and improvements, including: A number of new apps/extension APIs Lots of under the hood changes for stability and performance A list...

Fedora 21 : libuv-0.10.34-1.fc21 / nodejs-0.10.36-3.fc21 / v8-3.14.5.10-17.fc21 (2015-2313)

nodejs - tls: re-add 1024-bit SSL certs removed by f9456a2 Chris Dickinson - timers: don't close interval timers when unrefd Julien Gilli - timers: don't mutate unref list while iterating it Julien Gilli - childprocess: check execFile args is an array Sam Roberts - childprocess: check fork args i...

[SECURITY] Fedora 20 Update: seamonkey-2.32-1.fc20

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

Crystal Player 1.99 - Memory Corruption

Document Title: =============== Crystal Player 1.99 - Memory Corruption Vulnerability Date: ============= 21/01/2015 Vendor Homepage: ================ http://www.crystalreality.com/ Abstract Advisory Information: ============================== Memory Corruption Vulnerability on Crystal Player 1.9...

CVE-2014-9458

Heap-based buffer overflow in the GDB debugger module in Hex-Rays IDA Pro before 6.6 cumulative fix 2014-12-24 allows remote GDB servers to have unspecified impact via unknown vectors...

Heap overflow

Heap-based buffer overflow in the GDB debugger module in Hex-Rays IDA Pro before 6.6 cumulative fix 2014-12-24 allows remote GDB servers to have unspecified impact via unknown vectors...