SumatraPDF 1.1 - Denial of Service (PoC)

Exploit Title: SumatraPDF v1.1 Denial-of-Service Date: June, 14, 2010 Author: Matthew Bergin Software Link: blog.kowalczyk.info/software/sumatrapdf Version: 1.1 Tested on: Windows XP Home SP3 Code was generated utilizing a custom fuzzer, PoC creates an Access Violation when writing to memory...

JDK multiple unspecified vulnerabilities

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March...

Cain local overflow vulnerability analysis-vulnerability warning-the black bar safety net

Busy to shop around milw0rm. Find a Cain Overflow Exploit. See http://www. milw0rm. com/exploits/7 3 0 9 As a skilled your own debugging skills comes the analysis below. For Cain & Abel = v4. 9. 2 4the other I didn't, after all I'm just the analysis of vulnerabilities rather than just find...

Memory corruption

Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown...

WebMod多个远程安全漏洞

BUGTRAQ ID: 29031 WebMod是开放源码的MetaMod插件，可用作CS游戏的web服务器。 WebMod插件中存在多个安全漏洞，可能允许远程攻击者执行目录遍历攻击、触发缓冲区溢出或读取敏感信息。 ---------------------- A 目录遍历 ----------------------...

DEBIAN-CVE-2008-1289

Multiple buffer overflows in Asterisk Open Source 1.4.x before 1.4.18.1 and 1.4.19-rc3, Open Source 1.6.x before 1.6.0-beta6, Business Edition C.x.x before C.1.6.1, AsteriskNOW 1.0.x before 1.0.2, Appliance Developer Kit before 1.4 revision 109386, and s800i 1.1.x before 1.1.0.2 allow remote...

Debian Security Advisory DSA 1202-1 (screen)

The remote host is missing an update to screen announced via advisory DSA 1202-1. cstone and Rich Felker discovered that specially crafted UTF-8 sequences may lead an out of bands memory write when displayed inside the screen terminal multiplexer, allowing denial of service and potentially the...

i965 DRM allows insecure packets

The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager DRM to write to arbitrary memory locations and gain privileges via a crafted batchbuffer...

CVE-2007-3851

The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager DRM to write to arbitrary memory locations and gain privileges via a crafted batchbuffer...

CVE-2007-2393

The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution...

CVE-2007-2893

Heap-based buffer overflow in the bxne2kc::rxframe function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register...

CVE-2007-1378

The ovrimoslongreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-dependent attackers to write to arbitrary memory locations via the resultid and length arguments...

Debian DSA-1202-1 : screen - programming error

'cstone' and Rich Felker discovered that specially crafted UTF-8 sequences may lead an out of bands memory write when displayed inside the screen terminal multiplexer, allowing denial of service and potentially the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

[SECURITY] [DSA 1202-1] New screen packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA 1202-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff October 31st, 2006 http://www.debian.org/security/faq -...

DSA-1202-1 screen - programming error

Bulletin has no description...

GLSA-200511-03 : giflib: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200511-03 giflib: Multiple vulnerabilities Chris Evans and Daniel Eisenbud independently discovered two out-of-bounds memory write operations and a NULL pointer dereference in giflib. Impact : An attacker could craft a malicious G...

giflib: Multiple vulnerabilities

Background giflib is a library for reading and writing GIF images. Description Chris Evans and Daniel Eisenbud independently discovered two out-of-bounds memory write operations and a NULL pointer dereference in giflib. Impact An attacker could craft a malicious GIF image and entice users to load...

security flaw

Format string vulnerability in the protoitemsettext function in Ethereal 0.9.4 through 0.10.11, as used in multiple dissectors, allows remote attackers to write to arbitrary memory locations and gain privileges via a crafted AFP packet...

Multiple applications fd_set structure bitmap array index overflow

Absence of control for large number of open file descriptors or sockets FDSETSIZE allow to write arbitrary memory...

wins_ms04_045.pm

This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artistic. The latest version of the...