Buffer overflow

Buffer overflow in Active Directory, Active Directory Application Mode ADAM, and Active Directory Lightweight Directory Service AD LDS in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote...

PT-2011-4435 · Microsoft · Windows Xp +7

Name of the Vulnerable Software and Affected Versions: Active Directory versions prior to the fixed version Active Directory Application Mode ADAM versions prior to the fixed version Active Directory Lightweight Directory Service AD LDS versions prior to the fixed version Microsoft Windows XP...

Ubuntu 10.10 : linux vulnerabilities (USN-1183-1)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Neil Horman discovered that NFSv4 did not correctly handle...

CVE-2011-1824

CVE-2011-1824 affects Opera versions older than 10.61. The vulnerability arises in VEGAOpBitmap::AddLine when processing a SELECT element’s SIZE attribute, causing an uninitialized memory write that can crash the application or potentially allow arbitrary code execution. Exploitation involves lar...

Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1086-1)

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075 Dan Rosenberg discovered that the socket filters did not correctly...

CVE-2011-0636

The CVE-2011-0636 entry/issue affects NVIDIA CUDA Toolkit 3.2 developer drivers for Linux (260.19.26) and possibly other versions, where the functions cudaHostAlloc and cuMemHostAlloc do not initialize pinned memory. This can allow local users to read potentially sensitive memory (e.g., file frag...

CVE-2009-3737

The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document...

CVE-2009-3737

The Oracle Siebel Option Pack for IE ActiveX control does not properly initialize memory that is used by the NewBusObj method, which allows remote attackers to execute arbitrary code via a crafted HTML document...

CVE-2009-3737

CVE-2009-3737 concerns Oracle Siebel Option Pack for IE ActiveX control. The vulnerability stems from improper memory initialization in the NewBusObj method, enabling remote code execution via a crafted HTML document. CERT and Red Hat entries corroborate remote execution potential and provide mit...

Oracle Siebel Option Pack for IE ActiveX control memory initialization vulnerability

Overview The Oracle Siebel Option Pack for IE ActiveX control fails to properly initialize memory, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Siebel Option Pack for IE is an ActiveX control that is provided by Oracle Siebel...

Microsoft IE未初始化内存远程代码执行漏洞（MS10-018）

BUGTRAQ ID: 39023,39031 CVE ID: CVE-2010-0267,CVE-2010-0490 Internet Explorer是Windows操作系统中默认捆绑的web浏览器。 Internet Explorer访问尚未正确初始化或已被删除的对象的方式中存在多个远程执行代码漏洞。攻击者可以通过构建特制的网页来利用该漏洞，当用户查看网页时，该漏洞可能允许远程执行代码。成功利用此漏洞的攻击者可以获得与登录用户相同的用户权限。 Microsoft Internet Explorer 8.0 Microsoft Internet Explorer 7.0...

Ubuntu Update for libpng vulnerabilities USN-913-1

Ubuntu Update for Linux kernel vulnerabilities USN-913-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9131.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for libpng vulnerabilities USN-913-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

Ubuntu: Security Advisory (USN-913-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-913-1: libpng vulnerabilities

It was discovered that libpng did not properly initialize memory when decoding certain 1-bit interlaced images. If a user or automated system were tricked into processing crafted PNG images, an attacker could possibly use this flaw to read sensitive information stored in memory. This issue only...

CVE-2010-0663

The ParamTraits::Read function in common/commonparamtraits.cc in Google Chrome before 4.0.249.78 does not initialize the memory locations that will hold bitmap data, which might allow remote attackers to obtain potentially sensitive information from process memory by providing insufficient data,...

CVE-2010-0663

CVE-2010-0663 refers to Google Chrome prior to 4.0.249.78, where the ParamTraits::Read function in common/common_param_traits.cc does not initialize memory for bitmap data. This could allow remote attackers to obtain potentially sensitive information from process memory, related to use of a thumb...

CentOS 5 : kernel (CESA-2007:0347)

Updated kernel packages that fix security issues and bugs in the Red Hat Enterprise Linux 5 kernel are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles the basic functions of the operating system. These n...

Mandrake Security Advisory MDVSA-2009:281 (cups)

The remote host is missing an update to cups announced via advisory MDVSA-2009:281. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Hardcoded credentials

WebKit in Apple Safari before 4.0 does not properly initialize memory for Attr DOM objects, which allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted HTML document...

CVE-2009-1711

CVE-2009-1711 affects WebKit-based components (notably in Apple Safari before 4.0) where WebKit’s Attr DOM memory is not properly initialized. This can allow remote attackers to execute arbitrary code or cause a denial of service via a crafted HTML document that exercises Attr DOM memory handling...