Mozilla Firefox < 38.0 Multiple Vulnerabilities

Binary data 8865.prm...

Mozilla Firefox ESR Multiple Vulnerabilities-01 (May 2015) - Windows

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

Mozilla Firefox Multiple Vulnerabilities-01 (May 2015) - Windows

Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...

UBUNTU-CVE-2015-1237

Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/renderframeimpl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages...

chromium-browser: combination of V8, Gamepad and IPC bugs that can lead to remote code execution

Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors...

Unspecified Arbitrary Code Execution Vulnerability in Google Chrome IPC Interaction

Google Chrome is a WEB-based browser. Google Chrome fails to properly handle IPC, Gamepad API, and Google V8 interaction vulnerabilities, allowing remote attackers to construct malicious WEB pages that can be tricked into parsing and executing arbitrary code...

Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability (CNVD-2015-01868)

The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. Cisco AnyConnect Secure Mobility Client 4.0 .00051 and prior versions contain a security vulnerability in the IPC channel, which can be exploited by a local user to write to any user-space memory location via a...

Cisco AnyConnect Secure Mobility Client Arbitrary File Write Vulnerability

The Cisco AnyConnect Secure Mobility Client is Cisco's next-generation VPN client. The Cisco AnyConnect Secure Mobility Client has a security vulnerability in inter-process communication IPC that allows a local attacker to write and overwrite arbitrary files with elevated privileges...

Cisco AnyConnect Secure Mobility Client Arbitrary File Write Vulnerability

A vulnerability in the inter-process communication IPC channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to write arbitrary files with elevated privileges. The vulnerability is due to lack of authentication or authorization of certain IPC commands. An...

[SECURITY] [DSA 3161-1] dbus security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3161-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 11, 2015 http://www.debian.org/security/faq -...

D-Bus Local Denial of Service Vulnerability

D-Bus is an inter-process communication IPC implementation. It is used to send messages between applications. D-Bus suffers from a local denial of service vulnerability that can be exploited by a local attacker to crash the system and deny service to legitimate users...

D-Bus Local Elevation of Privilege Vulnerability

D-Bus is an inter-process communication IPC implementation. It is used to send messages between applications. D-Bus suffers from a local elevation of privilege vulnerability that can be exploited by an attacker to execute arbitrary code with root privileges...

v8: IPC and v8 issue fixed in Google Chrome 38.0.2125.101

Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers to execute arbitrary code via vectors involving JSON data, related to improper parsing of an escaped index by ParseJsonObject in...

ProFTPD 1.3.0/1.3.0 a (mod_ctrls support) Local Buffer Overflow Exploit vulnerabilities and attack code analysis-vulnerability warning-the black bar safety net

Exploit code URL: ! 1, Operating environment: 1, The ProFTPD 1.3.0/1.3.0 a 2, the compiled ProFTPD,--enable-ctrls option must be open ./ configure --enable-ctrls 3, the local user need to have through the Unix Socket permission to connect 2, The Run parameters: revenge@darklight$ ./...

UBUNTU-CVE-2014-3176

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177...

[SECURITY] [DSA 2971-1] dbus security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2971-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso July 02, 2014 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 2971-1 (dbus - security update)

Several vulnerabilities have been discovered in dbus, an asynchronous inter-process communication system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2014-3477 Alban Crequy at Collabora Ltd. discovered that dbus-daemon sends an AccessDenied error to the...

Microsoft Windows 2000 Still Image Service Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1651/info The Still Image Service in windows 2000 is vulnerable to an unchecked buffer which could enable a user to run commands at the privilege level of the service LocalSystem by default. This is due to an unchecked...

kernel: ipc: ipc_rcu_putref refcount races

A flaw was found in the way the ipcrcuputref function in the Linux kernel's IPC implementation handled reference counter decrementing. A local, unprivileged user could use this flaw to trigger an Out of Memory OOM condition and, potentially, crash the system...

Ubuntu 10.04 LTS : linux vulnerabilities (USN-1876-1)

Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...