CVE-2010-4206

Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a craft...

CVE-2010-4206

CVE-2010-4206 is a WebKit/WebKitGTK+ vulnerability described across multiple advisories as an array index error in FEBlend::apply (WebCore/graphics/filters/FEBlend.cpp). This defect was present in WebKit builds used by Google Chrome prior to 7.0.517.44 and webkitgtk before 1.2.6, among other prod...

CVE-2010-4203

WebM libvpx aka the VP8 Codec SDK before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via invalid frames...

CVE-2010-3962

Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets CSS token sequences and the clip attribute, aka an "invalid flag reference" issue or "Uninitialized Memory Corruption...

CVE-2010-2941

CVE-2010-2941 affects the Common UNIX Printing System (CUPS) cupsd component, specifically ipp.c in CUPS 1.4.4 and earlier. The vulnerability arises from improper memory allocation for attribute values with invalid string data types, enabling a remote attacker to cause a use-after-free and crash,...

MOXA MediaDBPlayback ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in MOXAActiveXSDK. When sending an overly long string to the PlayFileName of MediaDBPlayback.DLL 2.2.0.5 an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

Ubuntu Update for Firefox vulnerability USN-1011-1

Ubuntu Update for Linux kernel vulnerabilities USN-1011-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10111.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for Firefox vulnerability USN-1011-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

CVE-2010-4142

Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long 1 SCPCINITIALIZE, 2 SCPCINITIALIZERF, or 3 SCPCTXTEVENT packet. NOTE: it was later reported that 1.06 is...

Memory corruption

dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a Director file containing a crafted pamm chunk with an invalid 1 size and 2 number of sub-chunks, a different vulnerability than...

CVE-2010-4089

IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service memory corruption via a .dir file containing "duplicated LCSM entries in mmap record," a different vulnerability than CVE-2010-4087...

Adobe Releases Security Update for Shockwave Player

Adobe has released a security update for Shockwave Player to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Adobe security bulletin APSB10-25 and apply any necessary updates to help...

CVE-2010-4025

Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document...

CVE-2010-4025

Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute arbitrary code via a crafted document, as demonstrated by a Word document...

Mandriva Update for firefox MDVSA-2010:210 (firefox)

Check for the Version of firefox OpenVAS Vulnerability Test Mandriva Update for firefox MDVSA-2010:210 firefox Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Memory corruption

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird before 3.0.9, and SeaMonkey before 2.0.9 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

Memory corruption

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...

Mozilla Releases Firefox 3.6.11

The Mozilla Foundation has released Firefox 3.6.11 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, or cause a denial-of-service condition. The Mozilla Foundation has also released Firefox 3.5.14 to address...

Code injection

Unspecified vulnerability on HP ProCurve Access Points, Access Controllers, and Mobility Controllers with software 5.1.x through 5.1.9, 5.2.x through 5.2.7, 5.3.x through 5.3.5, and 5.4.x through 5.4.0 allows remote attackers to execute arbitrary code via unknown vectors...

openSUSE Security Update : libmysqlclient-devel (openSUSE-SU-2010:0730-1)

local users could delete data files for tables of other users CVE-2010-1626. - authenticated users could gather information for tables they should not have access to CVE-2010-1849 - authenticated users could crash mysqld CVE-2010-1848 - authenticated users could potentially execute arbitrary code...

Integer overflow

Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel document with crafted record information, aka "Excel Record Parsing Integer Overflow Vulnerability."...