UBUNTU-CVE-2014-8481

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service NULL pointer dereference and host OS crash via a crafted application that triggers 1 a...

CVE-2014-8481

The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before 3.18-rc2 does not properly handle invalid instructions, which allows guest OS users to cause a denial of service NULL pointer dereference and host OS crash via a crafted application that triggers 1 a...

UBUNTU-CVE-2014-8547

libavcodec/gifdec.c in FFmpeg before 2.4.2 does not properly compute image heights, which allows remote attackers to cause a denial of service out-of-bounds access or possibly have unspecified other impact via crafted GIF data...

[DLA 41-1] python-imaging security update

Package : python-imaging Version : 1.1.7-2+deb6u1 CVE ID : CVE-2014-3589 Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed...

Debian DSA-3009-1 : python-imaging - security update

Andrew Drake discovered that missing input sanitising in the icns decoder of the Python Imaging Library could result in denial of service if a malformed image is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

DSA-3009-1 python-imaging - security update

Bulletin has no description...

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...

OpenJDK: JPEG decoder input stream handling (2D, 8029854)

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...

[SECURITY] Fedora 20 Update: fldigi-3.21.83-2.fc20

Fldigi is a modem program which supports most of the digital modes used by ham radio operators today. You can also use the program for calibrating your sound card to WWV or doing a frequency measurement test. The program also c omes with a CW decoder. fldigi is written with the help of the Fast...

netty: DoS via memory exhaustion during data aggregation

A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...

Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/7116/info The Windows library ntdll.dll includes a function that does not perform sufficient bounds checking. The vulnerability is present in the function RtlDosPathNameToNtPathNameU and may be exploited through other...

JPEGsnoop <= 1.5.2 WriteAV Crash PoC

No description provided by source. !/usr/bin/perl JPEGsnoop 1.5.2 = WriteAV Arbitrary Code Execution Author: Jean Pascal Pereira [email protected] Vendor URI: http://sourceforge.net/projects/jpegsnoop/ Vendor Description: JPEGsnoop is a detailed JPEG image decoder and analysis tool. It reports al...

Mthree Development MP3 to WAV Decoder Denial of Service Vulnerability

No description provided by source. Exploit Title: Mthree Development MP3 to WAV Decoder .mp3 DoS Date: 10 / 8 / 2010 Author: Oh Yaw Theng Credit : ZAC0034m!n Software Link: http://www.mthreedev.com/setupmp3towav.exe Tested on: Windows XP SP 2 CVE : N / A Description : Create the malicious .mp3 fi...

Linux/ARM - Polymorphic execve("/bin/sh", ["/bin/sh"], NULL); - XOR 88 encoded - 78 bytes

No description provided by source. / Title: Linux/ARM - Polymorphic execve/bin/sh, /bin/sh, NULL; - XOR 88 encoded - 78 bytes Date: 2010-06-28 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan Web: http://shell-storm.org | http://twitter.com/jonathansalwan ! Database of shellcodes...

Microsoft MPEG Layer-3 Audio Decoder Division By Zero

No description provided by source...

Xine 0.9.x And Xine-Lib 1 Multiple Remote File Overwrite Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/10193/info It has been reported that the xine media player and the xine media library are affected by multiple remote file overwrite vulnerabilities. This is due to a design error that allows various media resource file...

Power System Of Article Management 3.0 - (DD/XSS) Vulnerabilities

No description provided by source. --------------------------------------------------------- Portal Name: Power System Of Article Management Version : 3.0 Author : PouyaServer , [email protected] Vulnerability : DD/XSS --------------------------------------------------------- DD:...

Cain & Abel <= 4.9.24 - RDP Buffer Overflow

No description provided by source. $Id: cainabel4918rdp.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Cain & Abel <= 4.9.24 - .RDP Stack Overflow Exploit

No description provided by source. !/usr/bin/perl Cain & Abel = v4.9.24 .RDP Stack Overflow Exploit Exploit by SkD [email protected] ----------------------------------------------- Nothing much to say about this one. This works on an updated Windows XP SP3. On Vista this exploit is way easier th...