CVE-2015-1259

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

UBUNTU-CVE-2015-1259

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

Design/Logic Flaw

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2015-1262

Removed by vendor...

CVE-2015-1259

Removed by vendor...

CVE-2015-1259

PDFium, as used in Google Chrome before 43.0.2357.65, does not properly initialize memory, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2015-1259

The CVE-2015-1259 entry is confirmed in connected sources as a PDFium memory initialization issue in Google Chrome/Chromium prior to 43.0.2357.65. The root cause is an uninitialized memory condition in the PDFium component, which can allow a remote attacker to cause a denial of service or potenti...

SUSE SLES10 Security Update : Xen (SUSE-SU-2015:0744-1)

The Virtualization service XEN was updated to fix various bugs and security issues. The following security issues have been fixed : XSA-125: Long latency MMIO mapping operations were not preemptible. CVE-2015-2151: XSA-123: Instructions with register operands ignored eventual segment overrides...

SSL/TLS: "Invariance Weakness" vulnerability in RC4 stream cipher

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic...

! metasploit exploit module development tutorial! - Vulnerability warning-the black bar safety net

How to write a Metasploit POST-development module ! Metasploit currently has a about a 1 5 0 a exploit module. Most of the exploits using the module are through the Windows, Solaris and Cisco these platforms were collected. At the same time, Metasploit can also for these modules on the line...

Ubuntu: Security Advisory (USN-2582-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Plugin Initialization Use-after-free Vulnerability (Apr 2015) - Mac OS X

Mozilla Firefox is prone to a use after free vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Mozilla Firefox Plugin Initialization Use-after-free Vulnerability (Apr 2015) - Windows

Mozilla Firefox is prone to a use after free vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory', 'Description' = %q This module exploits an unintialized memory...

CVE-2015-2706

Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via a crafted plugin that does not properly complete initialization...

Ubuntu 14.04 LTS : Firefox vulnerability (USN-2571-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2571-1 advisory. Robert Kaiser discovered a use-after-free during plugin initialization in some circumstances. If a user were tricked in to opening a specially crafted website, an...

USN-2571-1 firefox vulnerability

Robert Kaiser discovered a use-after-free during plugin initialization in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileg...

SuSE 11.3 Security Update : Xen (SAT Patch Number 10560)

The Virtualization service XEN was updated to fix various bugs and security issues. The following security issues have been fixed : - XSA-126: Unmediated PCI command register access in qemu could have lead to denial of service attacks against the host, if PCI cards are passed through to guests...

CVE-2015-2706

Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via a crafted plugin that does not properly complete initialization...

UBUNTU-CVE-2015-2706

Race condition in the AsyncPaintWaitEvent::AsyncPaintWaitEvent function in Mozilla Firefox before 37.0.2 allows remote attackers to execute arbitrary code or cause a denial of service use-after-free via a crafted plugin that does not properly complete initialization...