88 matches found
Important: Red Hat Security Advisory: kernel security and bug fix update
Updated kernel packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 6.2 Advanced Update Support. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which...
MozillaThunderbird,seamonkey (important)
Mozilla Thunderbird was updated to 24.4.0. Mozilla SeaMonkey was updated to 2.25. MFSA 2014-15/CVE-2014-1493/CVE-2014-1494 Miscellaneous memory safety hazards MFSA 2014-17/CVE-2014-1497 bmo966311 Out of bounds read during WAV file decoding MFSA 2014-18/CVE-2014-1498 bmo935618...
Privilege escalation using WebIDL-implemented APIs — Mozilla
Security researcher Mariusz Mlynski, via TippingPoint's Pwn2Own contest, reported that it is possible for untrusted web content to load a chrome-privileged page by getting JavaScript-implemented WebIDL to call window.open. A second bug allowed the bypassing of the popup-blocker without user...
VulnCheck KEV: CVE-2014-0295
VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in February 2014, aka "VSAVB7RT ASLR Vulnerability."...
HT Editor 2.0.20 Buffer Overflow (ROP PoC)
Exploit for linux platform in category dos / poc !/usr/bin/perl =head1 TITLE HT Editor 2.0.20 Buffer Overflow ROP PoC =head2 DESCRIPTION Since version 2.0.18, the stack overflow vulnerability has not been corrected, which I assume would make it 0day? I consequently recoded an exploit, as memory...
Acer AcerCtrls.APlunch ActiveX Arbitrary Command Execution
The remote host contains an ActiveX control from Acer called 'AcerCtrls.APlunch'. If this control is distributed with the appropriate 'Implemented Categories' registry key, it may be marked as safe for scripting. This would allow a web page in Internet Explorer to call the control's 'Run' method....
atmail-disclose.txt
!/usr/bin/perl LEGAL: Permission is granted to freely reproduce this document in its entirety under the condition that the contents are not altered in any way. milw0rm IS permitted to add their standard footer: // milw0rm.com / date Permission to view or reproduce this file is NOT granted to any...
script.command.txt
------------------------------------------------------------- Title: Silly hardlink vulnerability in UNIX 'script' command Linux version maintainer: Andries Brouwer [email protected] Bug found by: Marco van Berkum [email protected] Date: 17-12-2001 Priority: low...