CVE-2012-1890

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle keyboard-layout files, which allows local users to gain privileges via a crafted...

Design/Logic Flaw

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle keyboard-layout files, which allows local users to gain privileges via a crafted...

CVE-2012-1890

CVE-2012-1890 affects win32k.sys in multiple Windows platforms (XP SP2/SP3, Server 2003 SP2, Vista SP2, Server 2008 SP2/R2, Windows 7 SP1) where keyboard-layout files are not properly validated, enabling local privilege escalation via a memory‑corruption bug in ReadLayoutFile that overwrites a ke...

OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.237 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...

Fedora 17 : java-1.7.0-openjdk-1.7.0.3-2.2.1.fc17.8 (2012-9590)

S7079902, CVE-2012-1711: Refine CORBA data models S7110720: Issue with vm config file loadingIssue with vm config file loading S7143606, CVE-2012-1717: File.createTempFile should be improved for temporary files created by the platform. S7143614, CVE-2012-1716: SynthLookAndFeel stability improveme...

RHEL 5 : java-1.6.0-openjdk (RHSA-2012:0730)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0730 advisory. - OpenJDK: improper protection of CORBA data models CORBA, 7079902 CVE-2012-1711 - OpenJDK: fontmanager layout lookup code memory corruption...

OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.237 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...

OpenJDK: fontmanager layout lookup code memory corruption (2D, 7143617)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, 1.4.237 and earlier, and JavaFX 2.1 and earlier allows remote attackers to affect confidentiality, integrity, and availability via...

(Pwn2Own) Microsoft Internet Explorer Fixed Table Colspan Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Buffer overflow and use-after-free issues found using Address Sanitizer — Mozilla

Security researcher Abhishek Arya of Google used the Address Sanitizer tool to uncover several issues: two heap buffer overflow bugs and a use-after-free problem. The first heap buffer overflow was found in conversion from unicode to native character sets when the function fails. The use-after-fr...

Microsoft Windows XP - Keyboard Layouts Pool Corruption (PoC) (MS12-034)

Microsoft Windows XP - Keyboard Layouts Pool Corruption PoC MS12-034 =========== Description =========== Windows XP keyboard layouts pool corruption 0day PoC, post-MS12-034. Vulnerability exists in the function win32k!ReadLayoutFile, that parses keyboard layout files data. Possible attack vector ...

Firefox 8/9 AttributeChildRemoved() Use-After-Free

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

Mozilla Firefox 8/9 - 'AttributeChildRemoved()' Use-After-Free (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Firefox 8/9...

CVE-2012-0181

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard Layout files, which allows local users to gain...

Spoofing

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard Layout files, which allows local users to gain...

CVE-2012-0181

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard Layout files, which allows local users to gain...

Microsoft Windows本地键盘布局处理权限提升漏洞(CVE-2012-0181)(MS12-034)

BUGTRAQ ID: 53326 CVE ID: CVE-2012-0181 Microsoft Windows是流行的计算机操作系统。 Windows内核模式驱动程序管理键盘布局文件的方式中存在一个特权提升漏洞。成功利用此漏洞的攻击者可以运行内核模式中的任意代码。攻击者随后可安装程序；查看、更改或删除数据；或者创建拥有完全管理权限的新帐户。 0 Microsoft Windows Windows XP Service Pack 3 0 Microsoft Windows Windows XP Professional x64 Ed Microsoft Windows Windows ...

K-Meleon Browser 1.5.4 Denial of Service

Exploit for windows platform in category dos / poc Title: ====== K-Meleon Browser v1.5.4 - Denial of Service Vulnerability Introduction: ============= K-Meleon is an extremely fast, customizable, lightweight web browser based on the Gecko layout engine developed by Mozilla which is also used by...

K-Meleon Browser v1.5.4 - Denial of Service Vulnerability

Document Title: =============== K-Meleon Browser v1.5.4 - Denial of Service Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=510 Release Date: ============= 2012-04-13 Vulnerability Laboratory ID VL-ID: ==================================== 5...

Разработка эксплоитов для Linux. Часть 4 – обход ASCII armor и возврат в plt

Автор: sickness Блог автора: Перевод: Gh0St 07.04.2012 Разработка эксплоитов для Linux. Часть 4 – обход ASCII armor и возврат в plt. ПРИМЕЧАНИЕ: Перед чтением данного документа, рекомендуется ознакомиться со следующими работами: Руководство по написанию эксплоитов для Linux. Часть I – переполнени...