CVE-2017-7483
Rxvt 2.7.10 is vulnerable to a denial of service attack by passing the value -2^31 inside a terminal escape code, which results in a non-invertible integer that eventually leads to a segfault due to an out of bounds read...
CVE-2017-7483
Rxvt 2.7.10 is vulnerable to denial-of-service via a crafted terminal escape code (-2^31), causing a non-invertible integer and an out-of-bounds read that leads to a segfault. Affected product: rxvt (VT102 terminal emulator for X). Root cause: improper handling of certain escape sequences. Impact...
CVE-2017-7483
Removed by vendor...
NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace Exploit
Exploit for Windows platform in category dos / poc. Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=892 The handler for the DxgkDdiEscape escape code 0x70000D4 has the following pseudocode: void fastcall escape70000D4NvMiniportDeviceContext a1, NvEscapeData a2 Escape70000D4...
NVIDIA Driver - Escape 0x100010b Missing Bounds Check
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=927 The DxgkDdiEscape handler for escape code 0x100010b looks like: char escape100010bNvMiniportDeviceContext miniportcontext, HANDLE handle, unsigned int idx PVOID Object; if...
NVIDIA Driver - Escape Code Leaks Uninitialised ExAllocatePoolWithTag Memory to Userspace
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=892 The handler for the DxgkDdiEscape escape code 0x70000D4 has the following pseudocode: void fastcall escape70000D4NvMiniportDeviceContext a1, NvEscapeData a2 Escape70000D4 escapedata; // rbx@1 PVOID allocbuf; // rsi@1 unsigned i...
Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)
Exploit for Windows platform in category dos / poc. Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode...
SuSE Update for qemu openSUSE-SU-2012:1170-1 (qemu)
Check for the Version of qemu OpenVAS Vulnerability Test $Id: gbsuse201211701.nasl 8273 2018-01-03 06:29:19Z teissa $ SuSE Update for qemu openSUSE-SU-2012:1170-1 qemu Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is fre...