Mozilla OOM condition arbitrary memory write (MFSA 2011-12)

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code vi...

Critical: Red Hat Security Advisory: seamonkey security update

Updated seamonkey packages that fix several security issues are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, ar...

DEBIAN-CVE-2011-1553

Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service application crash via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different...

CVE-2011-1553

Use-after-free vulnerability in t1lib 5.1.2 and earlier, as used in Xpdf before 3.02pl6, teTeX, and other products, allows remote attackers to cause a denial of service application crash via a PDF document containing a crafted Type 1 font that triggers an invalid memory write, a different...

kernel: arbitrary kernel memory write via i915 GEM ioctl

drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...

RHEL 6 : kernel (RHSA-2010:0842)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0842 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: Missi...

kernel: arbitrary kernel memory write via i915 GEM ioctl

drivers/gpu/drm/i915/i915gem.c in the Graphics Execution Manager GEM in the Intel i915 driver in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory...

Linux Kernel VIDIOCSMICROCODE IOCTL Local Memory Overwrite

/ CVE-2010-2963 Arbitrary write memory write via v4l1 compat ioctl. Kees Cook greets to drosenberg, spender, taviso / define GNUSOURCE include include include include include include "expframework.h" include include include include include include include include include include struct capheadert...

Linux Kernel 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite

Linux Kernel 2.6.36 - VIDIOCSMICROCODE IOCTL Local Memory Overwrite // source: https://www.securityfocus.com/bid/44242/info / CVE-2010-2963 Arbitrary write memory write via v4l1 compat ioctl. Kees Cook greets to drosenberg, spender, taviso / define GNUSOURCE include include include include includ...

CVE-2010-3241

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in Parsing Vulnerabilit...

Design/Logic Flaw

Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in Parsing Vulnerabilit...

CVE-2010-3241

CVE-2010-3241 is a remote code execution vulnerability in Microsoft Excel’s parsing of binary file-format information. Affected products include Excel 2002 SP3, Office 2004/2008 for Mac, and Open XML File Format Converter for Mac. The root cause is an out-of-bounds memory write during parsing, en...

Microsoft Excel Out-of-Bounds Memory Write (CVE-2010-3241) Remote Code Execution Vulnerability

Description Microsoft Excel is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Excel file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

Microsoft WINS - Service Memory Overwrite (MS04-045) (Metasploit)

$Id: ms04045wins.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

[slackware-security] libpng

New libpng packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, 13.1, and -current to fix security issues. Here are the details from the Slackware 13.1 ChangeLog: patches/packages/libpng-1.4.3-x8664-1slack13.1.txz: Upgraded. Upgraded to libpng-1.2.44...

SumatraPDF 1.1 - Denial of Service (PoC)

Exploit Title: SumatraPDF v1.1 Denial-of-Service Date: June, 14, 2010 Author: Matthew Bergin Software Link: blog.kowalczyk.info/software/sumatrapdf Version: 1.1 Tested on: Windows XP Home SP3 Code was generated utilizing a custom fuzzer, PoC creates an Access Violation when writing to memory...

JDK multiple unspecified vulnerabilities

Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, 1.4.225, and 1.3.127 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the March...

Cain local overflow vulnerability analysis-vulnerability warning-the black bar safety net

Busy to shop around milw0rm. Find a Cain Overflow Exploit. See http://www. milw0rm. com/exploits/7 3 0 9 As a skilled your own debugging skills comes the analysis below. For Cain & Abel = v4. 9. 2 4the other I didn't, after all I'm just the analysis of vulnerabilities rather than just find...

Memory corruption

Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown...

WebMod多个远程安全漏洞

BUGTRAQ ID: 29031 WebMod是开放源码的MetaMod插件，可用作CS游戏的web服务器。 WebMod插件中存在多个安全漏洞，可能允许远程攻击者执行目录遍历攻击、触发缓冲区溢出或读取敏感信息。 ---------------------- A 目录遍历 ----------------------...