Design/Logic Flaw

The Debugger extension API in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as...

CVE-2014-3172

The Debugger extension API in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as...

CVE-2014-3172

The Debugger extension API in browser/extensions/api/debugger/debuggerapi.cc in Google Chrome before 37.0.2062.94 does not validate a tab's URL before an attach operation, which allows remote attackers to bypass intended access limitations via an extension that uses a restricted URL, as...

CVE-2014-3172

The CVE-2014-3172 issue affects Google Chrome prior to 37.0.2062.94, where the Debugger extension API (Debugger API in chrome browser extensions) does not validate a tab URL before an attach operation, potentially allowing an extension using a restricted URL (e.g., chrome:// URL) to bypass access...

CVE-2014-3172

Removed by vendor...

Google Chrome < 37.0.2062.94 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 37.0.2062.94. It is, therefore, affected by the following vulnerabilities : - Blink contains a use-after-free vulnerability in its SVG implementation. By using a specially crafted web page, a remote attacker...

Juniper Network and Security Manager XDB Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper Network and Security Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the XDB service. The issue lies in the ability to connect to the...

[SECURITY] Fedora 19 Update: ipython-0.13.2-4.fc19

IPython provides a replacement for the interactive Python interpreter with extra functionality. Main features: Comprehensive object introspection. Input history, persistent across sessions. Caching of output results during a session with automatically generated references. Readline based name...

The Java Debugger exploits and fixes-vulnerability warning-the black bar safety net

0x0 Foreword Recently found an interesting vulnerability-JAVA open the Debugger mode can execute arbitrary system commands. Need certain Use Conditions, you have to be open to debug the process of setting up a breakpoint, and then use this breakpoint to execute the command of the operation. 0x1...

[SECURITY] Fedora 20 Update: seamonkey-2.26.1-1.fc20

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

[SECURITY] Fedora 19 Update: seamonkey-2.26.1-1.fc19

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (3)

No description provided by source. source: http://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for processing arguments...

Trillian 0.x IRC Module Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5373/info A buffer overflow condition has been reported in the Trillian IRC module. The condition is due to insecure handling of data extracted from server responses. An attacker in control of a malicious server may explo...

Microsoft Office Picture Manager 2010 Crash PoC

No description provided by source. Title : Microsoft Office Picture Manager 2010 memory corruption Version : Microsoft Office professional Plus 2010 Crash : http://img715.imageshack.us/img715/7364/pocl.png Date : 2012-10-24 Vendor : http://office.microsoft.com Impact : Med/High Contact : coolkave...

Lotus Domino IMAP4 Server 6.5.4 - Remote Buffer Overflow Exploit

No description provided by source. Lotus Domino IMAP4 Server Release 6.5.4 / Windows 2000 Advanced Server x86 Remote Exploit Vulnerable: IBM Lotus Domino = 7.0.2 && 6.5.5 FP2 tested 6.5.4 Authors: Dominic Chell [email protected] & prdelka Exploitation steps: 1 The instruction call dword e...

FortKnox Personal Firewall 9.0.305.0 & 10.0.305.0 - Kernel Driver (fortknoxfw.sys) Memory Corruption Vulnerability

No description provided by source. / Exploit Title: 0day FortKnox Personal Firewall kernel driver fortknoxfw.sys memory corruption vulnerability Date: 25/10/2013 Author: Arash Allebrahim Contact : [email protected] Vendor Homepage: http://www.fortknox-firewall.com/ Vulnerable software :...

IBM AIX <= 4.3.1 adb Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/520/info adb is the debugger that ships with IBM's AIX operating system. It is possible for a local user to cause a local denial of service through exploiting the version of adb shipped with AIX 4.2 through 4.3.1. The...

JPEGsnoop <= 1.5.2 WriteAV Crash PoC

No description provided by source. !/usr/bin/perl JPEGsnoop 1.5.2 = WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira [email protected] Vendor URI: http://sourceforge.net/projects/jpegsnoop/ Vendor Description: JPEGsnoop is a detailed JPEG image decoder and analysis tool. It reports al...

Immunity Debugger 1.85 - Stack Overflow Vulnerabil?ity (PoC)

No description provided by source. / Filename : CrashPOC.cpp Exploit Title: title Date: 20 March 2014 Exploit Author: Veysel HATAS [email protected] - Web Page : www.binarysniper.net Vendor Homepage: https://www.immunityinc.com/ Software Link: https://www.immunityinc.com/products-immdbg.shtml...

Confixx 2 Perl Debugger Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9831/info The Confixx PERL debugging utility functionality has been reported to be prone to a remote command execution vulnerability. The issue is reported to occur when a command sequence is appended to a HTTP request fo...