Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 Services.exe Denial of Service (1)

No description provided by source. source: http://www.securityfocus.com/bid/754/info A specially crafted packet can cause a denial of service on an NT 4.0 host, rendering local administration and network communication nearly unusable. This attack will crash the services executable, which in turn,...

SCO Unixware 7.0/7.0.1/7.1/7.1.1 Privileged Program Debugging Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/869/info Unixware's security model includes the concept of privileges. These can be assigned to processes and allow them to perform tasks that otherwise could only be performed by the root user. They allow programs to run...

gdb (GNU debugger) <= 7.5.1NULL Pointer Dereference

No description provided by source. / gdb GNU debugger = 7.5.1 crash due a NULL pointer dereference ELF anti-debugging/reversing patcher Published @ IOActive Labs Research blog: http://blog.ioactive.com/2012/12/striking-back-gdb-and-ida-debuggers.html - nitr0us http://twitter.com/nitr0usmx Tested...

DIMIN Viewer 5.4.0 Crash PoC

No description provided by source. !/usr/bin/perl DIMIN Viewer 5.4.0 = WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira [email protected] Vendor URI: http://www.dimin.net Vendor Decription: View images in countless formats, and apply a variety of effects with this small, fast, and...

Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for processing arguments...

Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (4)

No description provided by source. source: http://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for processing arguments...

Sendmail 8.11/8.12 Debugger Arbitrary Code Execution Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for processing arguments...

Winamp stack overflow analysis and use-vulnerability and early warning-the black bar safety net

Winamp is a relatively old player, here is mainly through winamp a poc analysis, to construct a exp. 主 程序 见 附件 winamp.exe poc see Annex poc. m3u. A Poc analysis View the first poc below. Found in addition to the front 1 0 more bytes of the m3u File format to specify the contents, the other parts...

openSUSE Security Update : seamonkey (openSUSE-SU-2014:0629-1)

This is a SeaMonkey update to version 2.26 : - MFSA 2014-34/CVE-2014-1518/CVE-2014-1519 Miscellaneous memory safety hazards - MFSA 2014-36/CVE-2014-1522 bmo995289 Web Audio memory corruption issues - MFSA 2014-37/CVE-2014-1523 bmo969226 Out of bounds read while decoding JPG images - MFSA...

[SECURITY] Fedora 19 Update: seamonkey-2.26-1.fc19

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...

CVE-2014-1526

The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped...

Design/Logic Flaw

The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped...

CVE-2014-1526

The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped...

Ubuntu 14.04 LTS : Firefox vulnerabilities (USN-2185-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2185-1 advisory. Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, John Schoenick, Karl Tomlinson, Vladimir Vukicevic a...

USN-2185-1: Firefox vulnerabilities

Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, John Schoenick, Karl Tomlinson, Vladimir Vukicevic and Christian Holler discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an...

SeaMonkey < 2.26 Multiple Vulnerabilities

The installed version of SeaMonkey is a version prior to 2.26 and is, therefore, potentially affected by the following vulnerabilities : - An issue exists in the Network Security NSS library due to improper handling of IDNA domain prefixes for wildcard certificates. This issue could allow man-in-...

Debugger can bypass XrayWrappers with JavaScript — Mozilla

Mozilla developer Boris Zbarsky discovered that the debugger will work with some objects while bypassing XrayWrappers. This could lead to privilege escalation if the victim used the debugger to interact with a malicious page...

CVE-2014-1526

The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped...

UBUNTU-CVE-2014-1526

The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped...

[SECURITY] Fedora 19 Update: seamonkey-2.25-1.fc19

SeaMonkey is an all-in-one Internet application suite. It includes a browser, mail/news client, IRC client, JavaScript debugger, and a tool to inspect the DOM for web pages. It is derived from the application formerly known as Mozilla Application Suite...