663 matches found
Microsoft XML Core Services Remote Code Execution Vulnerabilities (2756145)
This host is missing a critical security update according to Microsoft Bulletin MS13-002. OpenVAS Vulnerability Test $Id: secpodms13-002.nasl 4922 2017-01-02 16:28:42Z cfi $ Microsoft XML Core Services Remote Code Execution Vulnerabilities 2756145 Authors: Rachana Shetty Copyright: Copyright c 20...
Microsoft XML Core Services Remote Code Execution Vulnerabilities (2756145)
This host is missing a critical security update according to Microsoft Bulletin MS13-002. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer Truncation Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OSX. Authentication is not required to exploit this vulnerability. The flaw exists within the libsecurity_cdsa_plugin which implements routines defined in libsecurity_cssm. The library defin...
Scientific Linux Security Update : openoffice.org on SL4.x i386/x86_64
An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when...
Scientific Linux Security Update : openoffice.org on SL3.x i386/x86_64
An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when...
Scientific Linux Security Update : openoffice.org2 on SL4.x i386/x86_64
An integer truncation error, leading to a heap-based buffer overflow, was found in the way the OpenOffice.org Impress presentation application sanitized a file's dictionary property items. An attacker could use this flaw to create a specially crafted Microsoft Office PowerPoint file that, when...
XnView < 1.99.0 Multiple Buffer Overflow Vulnerabilities
The version of XnView installed on the remote Windows host is earlier than 1.99.0. It therefore is reportedly affected by the following heap-based buffer overflow vulnerabilities : - An integer truncation issue exists related to the handling of the depth value in 'Sun Raster' RAS image files. - A...
Google Fixes 13 Flaws in Chrome
Just a few days after releasing a fairly large set of patches for its Chrome browser, Google has pushed out another update, fixing 13 vulnerabilities, more than half of them being high-severity bugs. The newest version of Chrome also includes an updated version of Adobe Flash that has a fix for a...
Heap overflow
Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent GWIA in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to a...
Secunia Research: Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability
====================================================================== Secunia Research 27/09/2011 - Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability - ====================================================================== Table of Contents Affected...
ruby: memory corruption in BigDecimal on 64bit platforms
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...
CVE-2011-0183
Libinfo in Apple Mac OS X before 10.6.7 does not properly handle an unspecified integer field in an NFS RPC packet, which allows remote attackers to cause a denial of service (lockd, statd, mountd, or portmap outage) via a crafted packet, related to an "integer truncation issue."...
Integer overflow
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...
CVE-2011-0188
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...
CVE-2011-0188
CVE-2011-0188 concerns memory allocation in the BigDecimal implementation (bigdecimal.c) for Ruby 1.9.2-p136 and earlier, used on macOS before 10.6.7 and other platforms. The issue is that VpMemAlloc may misallocate memory for very large BigDecimal values in 64-bit processes, enabling context-dep...
CVE-2011-0183
CVE-2011-0183 : Libinfo in Mac OS X before 10.6.7 fails to handle an unspecified integer field in an NFS RPC packet, causing a denial of service in NFS services (lockd, statd, mountd, portmap) via an integer truncation issue. Affected product: Mac OS X (Libinfo). Root cause: improper handling of ...
CVE-2011-0188
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...
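Microsoft Windows Kernel Integer Truncation Local Privilege Escalation Vulnerability
BUGTRAQ ID: 46136 CVE ID: CVE-2011-0045 Windows is a very popular operating system released by Microsoft. The Windows Kernel implementation contains a local privilege escalation vulnerability; an attacker can exploit it to execute arbitrary code with kernel-level privileges and thereby take complete control of an affected computer. The vulnerability stems from the Kernel's support for trace events. Because of a malformed conversion, the Kernel uses a truncated length when allocating a buffer for data from user space. When filling this buffer, the Kernel uses a different length, which causes a buffer overflow. This corrupts memory and leads to arbitrary code execution. Microsoft Windows XP Tablet PC Edition SP3 Microsoft Windows XP...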
MS11-011(CVE-2011-0045): MS Windows XP WmiTraceMessageVa Integer Truncation Vulnerability PoC
No description provided by source. / Exploit Title: MS11-011(CVE-2011-0045): MS Windows XP WmiTraceMessageVa Integer Truncation Vulnerability PoC Date: 2011-03-01 Author: Nikita Tarakanov CISS Research Team Software Link: Version: prior to MS11-011 Tested on: Win XP SP3 CVE : CVE-2011-0045 Status :...
MS Windows XP WmiTraceMessageVa Integer Truncation Vulnerability PoC
Exploit for windows platform in category dos / poc / Exploit Title: MS11-011(CVE-2011-0045): MS Windows XP WmiTraceMessageVa Integer Truncation Vulnerability PoC Date: 2011-03-01 Author: Nikita Tarakanov CISS Research Team Software Link: Version: prior to MS11-011 Tested on: Win XP SP3 CVE :...