550 matches found
CVE-2016-7549
Google Chrome before 53.0.2785.113 does not ensure that the recipient of a certain IPC message is a valid RenderFrame or RenderWidget, which allows remote attackers to cause a denial of service invalid pointer dereference and application crash or possibly have unspecified other impact by leveragi...
chromium-browser: DoS via invalid recipient of IPC message
Google Chrome before 53.0.2785.113 does not ensure that the recipient of a certain IPC message is a valid RenderFrame or RenderWidget, which allows remote attackers to cause a denial of service invalid pointer dereference and application crash or possibly have unspecified other impact by leveragi...
chromium-browser: sandbox escape in ppapi
The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC messages to the plugin broker process that should have come from the browser process, which allows remote attackers to bypass a sandbox protection mechanism via an unexpected message type, related to...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3016-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3016-1 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...
Ubuntu 14.04 LTS : Linux kernel (Wily HWE) vulnerabilities (USN-3017-3)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3017-3 advisory. USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement H...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-3020-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3020-1 advisory. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility...
USN-3016-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
samba: Smb signing not required by default when smb client connection is used for ipc usage
It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client...
samba: Smb signing not required by default when smb client connection is used for ipc usage
It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client...
samba: Smb signing not required by default when smb client connection is used for ipc usage
It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client...
samba: Smb signing not required by default when smb client connection is used for ipc usage
It was found that Samba did not enable integrity protection for IPC traffic by default. A man-in-the-middle attacker could use this flaw to view and modify the data sent between a Samba server and a client...
RHEL 6 / 7 : ISC DHCP Concurrent TCP Sessions DoS
RedHat Enterprise Linux 6 / 7 is affected by a denial of service vulnerability in the bundled ISC DHCP server due to a failure to properly restrict the number of concurrent TCP sessions to the ports the server uses for inter-process communications and control. An unauthenticated, remote attacker...
Fedora 22 : kdelibs3-3.5.10-71.fc22 (2015-2f4b92ed2e)
Security fix for CVE-2015-7543 in kdelibs3 the KDE 3 compatibility version of kdelibs: A temporary directory was being created insecurely using mktemp and mkdir, allowing an attacker to hijack the temporary directory and thus the inter-process communication IPC. This update fixes the temporary...
Fedora 23 : kdelibs3-3.5.10-71.fc23 (2015-6e50918d8e)
Security fix for CVE-2015-7543 in kdelibs3 the KDE 3 compatibility version of kdelibs: A temporary directory was being created insecurely using mktemp and mkdir, allowing an attacker to hijack the temporary directory and thus the inter-process communication IPC. This update fixes the temporary...
Mozilla Firefox < 38.0 Multiple Vulnerabilities
Binary data 8865.prm...
Mozilla Firefox ESR Multiple Vulnerabilities-01 (May 2015) - Windows
Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...
Mozilla Firefox Multiple Vulnerabilities-01 (May 2015) - Windows
Mozilla Firefox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefox";...
UBUNTU-CVE-2015-1237
Use-after-free vulnerability in the RenderFrameImpl::OnMessageReceived function in content/renderer/renderframeimpl.cc in Google Chrome before 42.0.2311.90 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger renderer IPC messages...
chromium-browser: combination of V8, Gamepad and IPC bugs that can lead to remote code execution
Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors...
Unspecified Arbitrary Code Execution Vulnerability in Google Chrome IPC Interaction
Google Chrome is a WEB-based browser. Google Chrome fails to properly handle IPC, Gamepad API, and Google V8 interaction vulnerabilities, allowing remote attackers to construct malicious WEB pages that can be tricked into parsing and executing arbitrary code...