DEBIAN-CVE-2015-7554

The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image...

CVE-2015-7554

The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image...

CVE-2015-7554

The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image...

Code injection

The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image...

CVE-2015-7554

The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image...

CVE-2015-7554

The CVE-2015-7554 flaw is in libtiff (TIFFVGetField in tif_dir.c) where parsing certain extension tags can trigger an invalid memory write, leading to a crash or potentially arbitrary code execution. Affected downstream packages include libtiff and libtiff-tools (examples shown in F5 advisory and...

CVE-2015-7554

The TIFFVGetField function in tifdir.c in libtiff 4.0.6 allows attackers to cause a denial of service invalid memory write and crash or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image...

Dell Pre-Boot Authentication Driver Uncontrolled Write Vulnerability

The Dell Pre-Boot Authentication Driver PBADRV.sys contains a vulnerability that can be leveraged to enable an attacker to write arbitrary code. The 'OutputAddress' from the IOCTL call is not validated before it attempts to write to memory. The content of the write is a four-byte hex value that i...

Wireshark - memcpy get_value dissect_btatt SIGSEGV

Wireshark - memcpy getvalue dissectbtatt SIGSEGV Source: https://code.google.com/p/google-security-research/issues/detail?id=653 The following SIGSEGV crash due to an invalid memory write can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$...

Wireshark - memcpy 'get_value / dissect_btatt' SIGSEGV

Source: https://code.google.com/p/google-security-research/issues/detail?id=653 The following SIGSEGV crash due to an invalid memory write can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": --- cut ---...

Apple Mac OSX 10.11 - FTS Deep Structure of the FileSystem Buffer Overflow

MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow Credit: Maksymilian Arciemowicz CXSECURITY Website: http://cxsecurity.com/ http://cert.cx/ Affected software: - MACOS's Commands such as: ls, find, rm - iPhone 4s and later, - Apple Watch Sport, Apple Watch, Apple Watch Edition a...

Mac OS X 10.11 FTS Deep Structure of the File System Buffer Overflow Exploit

Mac OS X version 10.11 suffered from an FTS deep structure of the file system buffer overflow vulnerability. MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow Credit: Maksymilian Arciemowicz CXSECURITY Website: http://cxsecurity.com/ http://cert.cx/ Affected software: - MACOS's...

Mac OS X 10.11 FTS Buffer Overflow

MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow Credit: Maksymilian Arciemowicz CXSECURITY Website: http://cxsecurity.com/ http://cert.cx/ Affected software: - MACOS's Commands such as: ls, find, rm - iPhone 4s and later, - Apple Watch Sport, Apple Watch, Apple Watch Edition a...

Hacking Team Android browser attacks during the vulnerability analysis Stage3-vulnerability warning-the black bar safety net

A, vulnerability introduction: Hacking team of the year broke out for android4. 0. x-4.3. x android browser vulnerabilities to attack the use of the code. The exploit code, by successive use of a plurality of browser and kernel vulnerabilities, is done through Javascript to the virtual memory wri...

CVE-2007-1378

The ovrimoslongreadlen function in the Ovrimos extension for PHP before 4.4.5 allows context-dependent attackers to write to arbitrary memory locations via the resultid and length arguments...

MacOS X 10.11 FTS Buffer Overflow

MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow Credit: Maksymilian Arciemowicz CXSECURITY Website: http://cxsecurity.com/ http://cert.cx/ Affected software: - Commands such as: ls, find, rm - probably more Apple file system suffer for a issue recognised in FTS library. The ma...

word type confusion Vulnerability CVE-2 0 1 5-1 6 4 1 Analysis-vulnerability warning-the black bar safety net

Vulnerability overview This year 4 month, Microsoft patched a named CVE-2 0 1 5-1 6 4 1 word type confusion vulnerability, an attacker can construct the embedded docx rtf documents to attack. word in parsing the docx document processing displacedByCustomXML attribute not customXML object for...

PT-2016-4036 · Qemu Team +2 · Qemu +2

Name of the Vulnerable Software and Affected Versions: QEMU affected versions not specified Description: The issue is related to the cpu physical memory write rom internal function in exec.c, which does not properly skip MMIO regions. This allows local privileged guest users to cause a denial of...

SIS XGI VGA Display Manager Privilege Vulnerability

SIS XGI VGA Display Manager is a VGA display manager. A security vulnerability exists in SIS XGI VGA Display Manager that allows an attacker to write to arbitrary memory locations and gain elevated privileges...

UBUNTU-CVE-2015-5950

The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128, R340 before 340.93, and R352 before 352.41 on Linux; and R352 before 352.46 on GRID vGPU and vSGA allows local users to write to an arbitrary kernel memory location and consequently gain privilege...