3882 matches found
FreeBSD : wpa_supplicant -- P2P SSID processing vulnerability (cb9d2fcd-eb47-11e4-b03e-002590263bf5)
Jouni Malinen reports : A vulnerability was found in how wpasupplicant uses SSID information parsed from management frames that create or update P2P peer entries e.g., Probe Response frame or number of P2P Public Action frames. SSID field has valid length range of 0-32 octets. However, it is...
wpa_supplicant: arbitrary code execution
A vulnerability was found in how wpasupplicant uses SSID information parsed from management frames that create or update P2P peer entries e.g., Probe Response frame or number of P2P Public Action frames. SSID field has valid length range of 0-32 octets. However, it is transmitted in an element th...
wpa_supplicant -- P2P SSID processing vulnerability
Jouni Malinen reports: A vulnerability was found in how wpasupplicant uses SSID information parsed from management frames that create or update P2P peer entries e.g., Probe Response frame or number of P2P Public Action frames. SSID field has valid length range of 0-32 octets. However, it is...
UBUNTU-CVE-2015-1863
Heap-based buffer overflow in wpasupplicant 1.0 through 2.4 allows remote attackers to cause a denial of service crash, read memory, or possibly execute arbitrary code via crafted SSID information in a management frame when creating or updating P2P entries...
netty: DoS via memory exhaustion during data aggregation
A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...
netty: DoS via memory exhaustion during data aggregation
A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...
netty: DoS via memory exhaustion during data aggregation
A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...
packETH – Ethernet Packet Generator
packETH Ethernet Packet Generator packETH is GUI and CLI packet generator tool for ethernet. It allows you to create and send any possible packet or sequence of packets on the ethernet link. It is very simple to use, powerful and supports many adjustments of parameters while sending sequence of...
Aruba Networks Instant Heap Buffer Overflow Vulnerability
Aruba Networks Instant IAP is a suite of access point AP solutions from Aruba Networks, USA. The solution supports virtualization of Aruba Mobility Controllers on 802.11n Access Points APs, creation of enterprise-grade Wireless Local Area Networks WLANs and enterprise entry-level Wi-Fi networks,...
Mozilla: Out-of-bounds write with WebM video (MFSA 2014-77)
The gettile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly execute arbitrary code via WebM frames with invalid tile sizes that are...
DEBIAN-CVE-2014-1578
The gettile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly execute arbitrary code via WebM frames with invalid tile sizes that are...
Out-of-bounds
The gettile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly execute arbitrary code via WebM frames with invalid tile sizes that are...
CVE-2014-1578
The gettile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly execute arbitrary code via WebM frames with invalid tile sizes that are...
CVE-2014-1578
CVE-2014-1578 affects Mozilla Firefox (Firefox 33.0 and Firefox ESR 31.x before 31.2) and Thunderbird; the issue is an out-of-bounds write in get_tile() when buffering WebM frames with invalid tile sizes, leading to a crash or potentially arbitrary code execution. Connected sources confirm fixes:...
CVE-2014-1578
The gettile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly execute arbitrary code via WebM frames with invalid tile sizes that are...
CVE-2014-1578
The gettile function in Mozilla Firefox before 33.0, Firefox ESR 31.x before 31.2, and Thunderbird 31.x before 31.2 allows remote attackers to cause a denial of service out-of-bounds write and application crash or possibly execute arbitrary code via WebM frames with invalid tile sizes that are...
UBUNTU-CVE-2014-3686
wpasupplicant and hostapd 0.7.2 through 2.2, when running with certain configurations and using wpacli or hostapdcli with action scripts, allows remote attackers to execute arbitrary commands via a crafted frame...
netty: DoS via memory exhaustion during data aggregation
A flaw was found in the WebSocket08FrameDecoder implementation that could allow a remote attacker to trigger an Out Of Memory Exception by issuing a series of TextWebSocketFrame and ContinuationWebSocketFrames. Depending on the server configuration, this could lead to a denial of service...
CVE-2014-6695
The Wedding Photo Frames-Love Pics aka com.WeddingPhotoFramesLovePics application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Wedding Photo Frames-Love Pics aka com.WeddingPhotoFramesLovePics application 1.0 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...