2115 matches found
Mozilla Firefox JIT escape Function Memory Corruption - Ver2 (CVE-2009-2477)
Mozilla Firefox is a web browser developed by Mozilla Foundation. The browser is capable of interpreting and rendering many types of content published on the Internet, including various versions of HTML, XML, XUL, JavaScript, and various graphic formats, and so on. The browser runs on Windows,...
Exploit for Code Injection in Oracle Jdk
========================= Title ================================...
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
This module exploits a vulnerability in Adobe Flash Player versions 10.3.181.23 and earlier. This issue is caused by a failure in the ActionScript3 AVM2 verification logic. This results in unsafe JITJust-In-Time code being executed. This is the same vulnerability that was used for attacks against...
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
Exploit for windows platform in category remote exploits $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require...
Adobe Flash Player - AVM Verification Logic Array Indexing Code Execution (Metasploit)
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Adobe Flash Player AVM...
Adobe Flash Player AVM Verification Logic Array Indexing Code Execution
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Adobe Flash Player AVM...
Microsoft .NET Framework JIT编译器优化NULL字符串远程代码执行漏洞(MS11-044)
BUGTRAQ ID: 47834 CVE ID: CVE-2011-1271 .NET Framework是用于Windows的新托管代码编程模型。 Microsoft .NET Framework在实现上存在JIT编译器优化NULL字符串远程代码执行漏洞,远程攻击者可利用此漏洞执行任意代码。 此漏洞源于.NET JIT编译器错误地验证了对象中的某些值,通过诱使用户访问带有XBAP的特制网站加以利用。 Microsoft .NET Framework 4.x Microsoft .NET Framework 3.x Microsoft .NET Framework 2.x 厂商补丁:...
Microsoft .NET Framework Remote Code Execution Vulnerability (2538814)
This host is missing a critical security update according to Microsoft Bulletin MS11-044. OpenVAS Vulnerability Test $Id: secpodms11-044.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft .NET Framework Remote Code Execution Vulnerability 2538814 Authors: Sooraj KS Copyright: Copyright c 2011 SecPod,...
Microsoft .Net Framework multiple security vulnerabilities
Array index overflow, JIT compiler code execution...
MS11-044: Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814)
The JIT compiler included with the version of the .NET Framework installed on the remote host incorrectly validates certain values within an object. An attacker may be able to leverage this vulnerability to run arbitrary code as the logged in user or the user account of ASP.NET on the affected...
Microsoft .NET Framework Remote Code Execution Vulnerability (2538814)
This host is missing a critical security update according to Microsoft Bulletin MS11-044. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft .NET Framework Security Bypass Vulnerability
The host is installed with Microsoft .NET Framework and is prone to security bypass vulnerability This NVT has been replaced by NVT secpodms11-044.nasl OID:1.3.6.1.4.1.25623.1.0.902522. OpenVAS Vulnerability Test $Id: secpodmsdotnetsecuritybypassvuln.nasl 5362 2017-02-20 12:46:39Z cfi $ Microsoft...
Microsoft .NET Framework Security Bypass Vulnerability
Microsoft .NET Framework is prone to a security bypass vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.902522. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C b...
CVE-2011-1271
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary...
Design/Logic Flaw
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary...
CVE-2011-1271
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary...
CVE-2011-1271
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary...
CVE-2011-1271
The CVE describes a JIT optimization flaw in Microsoft .NET Framework that mishandles null-string expressions, enabling context-dependent attackers to execute arbitrary code. Affected products/variants include .NET Framework 3.5 Gold/SP1 (and 3.5.1) and 4.0 when IsJITOptimizerDisabled is false. E...
EUVD-2011-1279
The JIT compiler in Microsoft .NET Framework 3.5 Gold and SP1, 3.5.1, and 4.0, when IsJITOptimizerDisabled is false, does not properly handle expressions related to null strings, which allows context-dependent attackers to bypass intended access restrictions, and consequently execute arbitrary...
Memory corruption
The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via 1 a crafted XAML browser application aka XBAP, 2 a crafted ASP.NET application, or 3 a crafted .NET Framework...