xen: insufficiencies in pv kernel image validation

tools/libxc/xcdombzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allows local users to cause a denial of service management software infinite loop and management domain resource consumption via unspecified vectors related to "Lack of error checking in the decompression loop."...

paravirtualised kernel image validation

ISSUE DESCRIPTION 1. Problems ----------- The functions which interpret the kernel image supplied for a paravirtualised guest, and decompress it into memory when booting the domain, are incautious. Specifically: i Integer overflow in the decompression loop memory allocator might result in...

Microsoft HTML Help 6.1 - Local Stack Overflow

Source: http://aluigi.org/adv/chm1-adv.txt Luigi Auriemma Application: Microsoft HTML Help http://www.microsoft.com Versions: = 6.1 Platforms: Windows any version included the latest Windows 7 Bug: stack overflow Date: 12 Apr 2011 found 20 Feb 2011 Author: Luigi Auriemma e-mail:...

acroread: critical APSB11-03

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D U3D file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590,...

ZDI-11-067: Adobe Acrobat Reader U3D Texture rgba RLE Decompression Remote Code Execution Vulnerability

ZDI-11-067: Adobe Acrobat Reader U3D Texture rgba RLE Decompression Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-067 February 8, 2011 -- CVE ID: CVE-2011-0591 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Adobe -- Affected Products: Adobe...

Buffer overflow

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D U3D file that triggers a buffer overflow during decompression, related to "Texture bmp," a different vulnerabilit...

Buffer overflow

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D U3D file that triggers a buffer overflow during decompression, related to Texture and rgba, a different...

Buffer overflow

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D U3D file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590,...

CVE-2011-0092

Microsoft Visio CVE-2011-0092 affects ORMELEMS.DLL in Visio 2002 SP2, 2003 SP3 and 2007 SP2. A malformed VisioDocument stream in a Visio file can trigger an exception handler that accesses an uninitialized object, causing memory corruption and remote code execution. The vulnerability is triggered...

CVE-2011-0092

The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler that accesses an object that has not been full...

Adobe Acrobat Reader U3D Texture rgba RLE Decompression Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Visio...

Wireshark buffer overflow

Buffer overflow on ENTTEC DMX RLE decompression and MAC-LTE parsing...

Microsoft Media Decompression Remote Code Execution Vulnerability (2447961)

This host is missing a critical security update according to Microsoft Bulletin MS10-094. OpenVAS Vulnerability Test $Id: secpodms10-094.nasl 5934 2017-04-11 12:28:28Z antu123 $ Microsoft Media Decompression Remote Code Execution Vulnerability 2447961 Authors: Veerendra GG Copyright c 2010 SecPod...

Microsoft Media Decompression Remote Code Execution Vulnerability (2447961)

This host is missing a critical security update according to Microsoft Bulletin MS10-094. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2010-4294

The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x...

Fedora Update for libmspack FEDORA-2010-14135

Check for the Version of libmspack OpenVAS Vulnerability Test Fedora Update for libmspack FEDORA-2010-14135 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

SuSE 11 Security Update : okular. (SAT Patch Number 3064)

This update fixes a heap-based overflow in okular. The RLE decompression in the TranscribePalmImageToJPEG function can be exploited to execute arbitrary code with user privileges by providing a crafted PDF file. CVE-2010-2575 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive te...

[SECURITY] Fedora 14 Update: suricata-1.0.2-1.fc14

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

FreeBSD : FreeBSD -- Integer overflow in bzip2 decompression (18dc48fe-ca42-11df-aade-0050568f000c)

When decompressing data, the run-length encoded values are not adequately sanity-checked, allowing for an integer overflow. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...