ZDI-10-088: Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability

ZDI-10-088: Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-088 May 11, 2010 -- CVE ID: CVE-2010-1283 -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player -- TippingPointTM IPS Customer Protection: TippingPoin...

Mandrake Security Advisory MDVSA-2009:233 (kernel)

The remote host is missing an update to kernel announced via advisory MDVSA-2009:233. OpenVAS Vulnerability Test $Id: mdksa2009233.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:233 kernel Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...

FreeBSD Security Advisory (FreeBSD-SA-08:13.protosw.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:13.protosw.asc ADV FreeBSD-SA-08:13.protosw.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-08:13.protosw.asc Authors: Thomas Reinke Copyright: Copyright c 200...

FreeBSD Security Advisory (FreeBSD-SA-08:13.protosw.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:13.protosw.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Sql injection

Multiple unspecified vulnerabilities in FreeBSD 6 before 6.4-STABLE, 6.3 before 6.3-RELEASE-p7, 6.4 before 6.4-RELEASE-p1, 7.0 before 7.0-RELEASE-p7, 7.1 before 7.1-RC2, and 7 before 7.1-PRERELEASE allow local users to gain privileges via unknown attack vectors related to function pointers that a...

FreeBSD -- netgraph / bluetooth privilege escalation

Problem Description: Some function pointers for netgraph and bluetooth sockets are not properly initialized. Impact: A local user can cause the FreeBSD kernel to execute arbitrary code. This could be used by an attacker directly; or it could be used to gain root privilege or to escape from a jail...

Opera 9.62 - file: Local Heap Overflow

Opera 9.62 - file: Local Heap Overflow uh? // ksOSe 11/15/2008 // tested on Windows XP SP3, opera 9.62 international version // vulnerability found by send9 // there are many ways to achieve code execution, tons of function pointers to overwrite. // maybe there's one more reliable... var i=0; //...

Cross site request forgery (csrf)

Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription request that is used to access an array of functio...

CVE-2008-1456

Array index vulnerability in the Event System in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote authenticated users to execute arbitrary code via a crafted event subscription request that is used to access an array of functio...

CVE-2008-2812

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service system crash or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in 1 hamradio/6pack.c, 2 hamradio/mkiss.c, 3...

CVE-2006-6952

Computer Associates Host Intrusion Prevention System HIPS drivers 1 Core kmxstart.sys 6.5.4.31 and 2 Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers...

CVE-2006-6952

CVE-2006-6952 affects CA Personal Firewall/CA Internet Security Suite 2007: HIPS Core (KmxStart.sys) and HIPS Firewall (KmxFw.sys) allow local privilege escalation by using privileged IOCTLs to modify callback pointers. Impact is local privilege escalation; affected products include CA Personal F...

[Reversemode advisory] Computer Associates HIPS Drivers - multiple local privilege escalation vulnerabilities.

Computer Associates "Host Intrusion Prevention System" Engine Drivers are prone to multiple local privilege escalation vulnerabilities. Unprivileged users can take advantage of these flaws in order to execute arbitrary code with kernel privileges. Two drivers are affected, kmxstart.sys and...

FreeBSD : Macromedia flash player -- swf file handling arbitrary code (aed343b4-5480-11da-b579-001125afbed7)

A Secunia Advisory reports : A vulnerability has been reported in Macromedia Flash Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to missing validation of the frame type identifier that is read from a SWF file. This value is used ...

Macromedia Flash Player array index overflow

User controlled value is used as function pointers array index without boundary control...