75 matches found
CVE-2017-16837
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
UBUNTU-CVE-2017-16837
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
Code injection
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
CVE-2017-16837
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
CVE-2017-16837
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
CVE-2017-16837
Certain function pointers in Trusted Boot tboot through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to overwrite dynamic PCRs of Trusted Platform Module TPM by hooking these function pointers...
Android ssp_batch_ioctl Out-Of-Bounds Write Exploit
Android suffers from an out-of-bounds write in sspbatchioctl. Android: OOB write in sspbatchioctl SensorHub exposes a character device under /dev/batchio which can be used in order to send instructions to batches of running sensors. The IOCTL handler from this device has the following high-level...
XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation
Vulnerability Details Affected Vendor: Silicon Integrated Systems Corporation Affected Product: XGI VGA Display Manager Affected Version: 6.14.10.1090 Platform: Microsoft Windows XP SP3 CWE Classification: CWE-123: Write-what-where condition Impact: Arbitrary Code Execution Attack vector: IOCTL...
A preliminary understanding of the stack overflow vulnerability-vulnerability warning-the black bar safety net
1. What is the stack for? The stack is a mechanism that computers use to pass arguments to the function, can also be used to put into local function variables, function return address, it's purpose is to give a program a convenient way to access specific function of the partial data and from the...
Apple OS X Dock Service Sandbox Escape Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the OS X Dock. The...
MySQL (Linux) Heap Based Overrun PoC Zeroday
No description provided by source. MySQL Heap Overrun tested for the latest version of mysql server on a SuSE Linux system As seen below $edx and $edi are fully controlled, the current instruction is = 0x83a6b24 freeroot+180: mov %edx,%edi this means we landed in a place where 4 bytes can be...
CylantSecure 1.0 Kernel Module Syscall Rerouting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2958/info CylantSecure is a commercial Linux hardening tool and security infrastructure available from Cylant Technology. A problem in the CylantSecure infrastructure could allow users to escape monitoring. A user with ro...
DEBIAN-CVE-2013-2477
The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service application crash via a malformed packet...
CVE-2013-2477
The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service application crash via a malformed packet...
CVE-2012-1855
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP or 2 a crafted .NET Framework application, aka ".NET Framework Memory Access Vulnerability...
PT-2012-3599 · Microsoft · .Net Framework
Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 Description: The issue allows remote attackers to execute arbitrary code via a crafted XAML browser application or a crafted .NET Framework application. This is due to the...
CVE-2012-1517
The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service memory overwrite and process crash or possibly execute arbitrary code on the host OS via vectors involving function pointers...
HITB2011KUL - Post Memory Corruption Analysis
Document Title: =============== HITB2011KUL - Post Memory Corruption Analysis References: =========== Download: http://www.vulnerability-lab.com/resources/videos/398.wmv View: http://www.youtube.com/watch?v=kOgarD9KCbg Release Date: ============= 2012-01-26 Vulnerability Laboratory ID VL-ID:...
SAP NetWeaver Composition Environment sapstartsrv.exe Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP NetWeaver Composition Environment. Authentication is not required to exploit this vulnerability. The specific flaw exists within the sapstartsrv.exe process which listens by default on ports...
Lithtech Engine - Memory Corruption
Original Advisory: http://aluigi.org/adv/fearless-adv.txt Luigi Auriemma Application: Lithtech engine http://www.lithtech.com Games: any game should be affected, refer to http://en.wikipedia.org/wiki/LithtechLithtechimplementations those personally tested by me are: F.E.A.R. = 1.08 F.E.A.R. 2...