9457 matches found
Calling scope for new Javascript objects can lead to memory corruption — Mozilla
Mozilla community member Ms2ger found a mechanism where a new Javascript object with a compartment is uninitialized could be entered through web content. When the scope for this object is called, it leads to a potentially exploitable crash...
Use-after-free in Animation Manager during stylesheet cloning — Mozilla
Security researcher Abhishek Arya Inferno of the Google Chrome Security Team used the Address Sanitizer tool to discover a use-after-free problem in the Animation Manager during the cloning of stylesheets. This can lead to a potentially exploitable crash...
GC hazard with default compartments and frame chain restoration — Mozilla
Security researcher Nils reported a potentially exploitable use-after-free in an early test version of Firefox 25. Mozilla developer Bobby Holley found that the cause was an older garbage collection bug that a more recent change made easier to trigger...
Compartment mismatch re-attaching XBL-backed nodes — Mozilla
Security researcher Sachin Shinde reported that moving certain XBL-backed nodes from a document into the replacement document created by document.open can cause a JavaScript compartment mismatch which can often lead to exploitable conditions...
Memory corruption involving scrolling — Mozilla
Security researcher Nils reported two potentially exploitable memory corruption bugs involving scrolling. The first was a use-after-free condition due to scrolling an image document. The second was due to nodes in a range request being added as children of two different parents...
NativeKey continues handling key messages after widget is destroyed — Mozilla
Mozilla developer Masayuki Nakano discovered that the NativeKey widget continues handling key messages even when it is destroyed by dispatched event listeners. This could result in some key events being applied to other objects or plugins if the widget memory is reallocated to them, leading to a...
Use-after-free with select element — Mozilla
Security researcher Scott Bell used the Address Sanitizer tool to discover a use-after-free when using a element in a form after it has been destroyed. This could lead to a potentially exploitable crash...
Integer overflow in ANGLE library — Mozilla
Security researcher Alex Chapman reported that the Almost Native Graphics Layer Engine ANGLE library used by Mozilla is vulnerable to an integer overflow. This vulnerability is present because of insufficient bounds checking in the drawLineLoop function, which can be driven by web content to...
Solaris 10 (x86) : 149639-02 (deprecated)
Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: USB hub driver. Supported versions that are affected are 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in...
[CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-0809 Advisory URL:...
Sophos Web Protection Appliance - Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance Multiple Vulnerabilities Advisory ID: CORE-2013-0809 Advisory URL:...
Sophos Web Protection Appliance Command Injection Vulnerability
Core Security Technologies Advisory - Sophos Web Protection Appliance versions 3.7.9 and earlier, 3.8.1, and 3.8.0 suffer from multiple OS command injection vulnerabilities. Sophos Web Protection Appliance Multiple Vulnerabilities 1. Advisory Information Title: Sophos Web Protection Appliance...
Updated asterisk package fixes security vulnerabilities
A remotely exploitable crash vulnerability exists in the SIP channel driver if an ACK with SDP is received after the channel has been terminated. The handling code incorrectly assumes that the channel will always be present CVE-2013-5641. A remotely exploitable crash vulnerability exists in the S...
ICONICS GENESIS32 Multiple Memory Corruption
Overview Independent security researchers Billy Rios and Terry McCorkle have identified eight memory corruption vulnerabilities affecting the ICONICS GENESIS32 product. GENESIS32 is a web-deployable human-machine interface HMI supervisory control and data acquisition SCADA product. These...
Aloaha PDF Suite Buffer Overflow Vulnerability
Advisory ID Internal CORE-2013-0805 1. Advisory Information Title: Aloaha PDF Suite Buffer Overflow Vulnerability Advisory ID: CORE-2013-0805 Advisory URL:http://www.coresecurity.com/advisories/aloaha-pdf-suite-buffer-overflow-vulnerability Date published: 2013-08-28 Date of last update:...
AVTECH DVR Buffer Overflow / CAPTCHA Bypass
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ AVTECH DVR multiple vulnerabilities 1. Advisory Information Title: AVTECH DVR multiple vulnerabilities Advisory ID: CORE-2013-0726 Advisory URL: http://www.coresecurity.com/advisories/avtech-dvr-multiple-vulnerabilities Date...
IBM 1754 GCM16 1.18.0.22011 Command Execution
I. Product description The IBM 1754 GCM family provides KVM over IP and serial console management technology in a single appliance. II. Vulnerability information Impact: Command execution Remotely exploitable: yes CVE: 2013-0526 CVS Score: 8.5 III. Vulnerability details GCM16 v.1.18.0.22011 and...
Siemens WinCC Exploitable Crashes
Overview ICS-CERT Advisory ICSA-11-175-02P was originally released to the US-CERT Portal on June 24, 2011. This web page release was delayed to allow users sufficient time to download and install the update. ICS-CERT has received a report from independent security researchers Billy Rios and Terry...
CORE-2013-0708 - Hikvision IP Cameras Multiple Vulnerabilities
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Hikvision IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: Hikvision IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0708 Advisory URL:...
Hikvision IP Cameras Overflow / Bypass / Privilege Escalation
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Hikvision IP Cameras Multiple Vulnerabilities 1. Advisory Information Title: Hikvision IP Cameras Multiple Vulnerabilities Advisory ID: CORE-2013-0708 Advisory URL:...