505 matches found
Mozilla: Code execution through incorrect JavaScript bounds checking elimination (MFSA 2015-29)
The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaMonkey before 2.33.1 does not properly determine the cases in which bounds checking may be safely skipped during JIT compilation and heap access, which allows remote attackers to read or write to...
UBUNTU-CVE-2014-8641
Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data...
Mozilla: Read-after-free in WebRTC (MFSA 2015-06)
Use-after-free vulnerability in the WebRTC implementation in Mozilla Firefox before 35.0, Firefox ESR 31.x before 31.4, and SeaMonkey before 2.32 allows remote attackers to execute arbitrary code via crafted track data...
UBUNTU-CVE-2014-1593
Stack-based buffer overflow in the mozilla::FileBlockCache::Read function in Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, Thunderbird before 31.3, and SeaMonkey before 2.31 allows remote attackers to execute arbitrary code via crafted media content...
Netflix Open Source Security Tools Solve Range of Challenges
Few organizations experience the scale of Web-based application security challenges that Netflix engineers deal with on a regular basis. Sometimes the response to a threat requires a homespun tool that, more often than not, ends up being released to open source. “Our assumption is that we...
CVE-2014-5336
Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message...
CVE-2014-5336
Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message...
Design/Logic Flaw
Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message...
CVE-2014-5336
CVE-2014-5336 affects Monkey HTTP Server prior to 1.5.3. When the File Descriptor Table (FDT) is enabled and custom error messages are configured, a remote attacker can trigger an HTTP error response that consumes file descriptors, causing a denial of service. The impact described is a partial av...
CVE-2014-5336
Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message...
Monkey HTTP Server 0.1/0.4/0.5 - Multiple Cross Site Scripting Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/5829/exploit Monkey HTTP server is prone to cross site scripting vulnerabilities. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link. Attacker-supplied HTML and script code may...
Monkey CMS - Multiple Vulnerabilities
No description provided by source. Exploit Title: Monkey CMS - Multiple Vulnerabilities Date: 2013 17 June Exploit Author: Yashar shahinzadeh & Mormoroth Vendor Homepage: http://www.monkeycms.com/ Tested on: Linux & Windows, PHP 5.3.10 Affected Version : All versions Contacts:...
dm filemanager 3.9.4 - Remote File Inclusion Vulnerability
No description provided by source. + DM FileManager 3.9.4 Remote File Include Vulnerability + Author : Septemb0x + www.Cyber-Warrior.Org - Information Technology's World + Greetz : BARCOD3 And All Friends... + Dork : Yok Dork Mork :D + Download Script : http://uploaded.to/file/3z84ie + Product Si...
Monkey HTTP Daemon < 0.9.3 - Denial of Service Vulnerability
No description provided by source. Monkey HTTP Daemon is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to crash, denying service to legitimate users. Versions prior to Monkey HTTP Daemon 0.9.3 are vulnerable. #!/usr/bin/env python...
Monkey HTTPD 1.1.1 - Crash PoC
No description provided by source. Title: ====== Monkey HTTPD 1.1.1 - Denial of Service Vulnerability Date: ===== 2013-05-28 References: =========== http://bugs.monkey-project.com/ticket/181 Introduction: ============= Monkey is a lightweight and powerful web server for GNU/Linux. It has been...
Monkey HTTP Daemon 0.4/0.5/0.6 Excessive POST Data Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7202/info Monkey HTTP Daemon is prone to a boundary condition error. This condition occurs when the server attempts to handle excessive HTTP POST data. Exploitation could allow a remote attacker to corrupt sensitive regio...
CVE-2013-3843
Stack-based buffer overflow in the mk_request_header_process function in mk_request.c in Monkey HTTP Daemon (monkeyd) before 1.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP header...
CVE-2013-2182
The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash...
CVE-2013-2163
Monkey HTTP Daemon (monkeyd) before 1.2.2 allows remote attackers to cause a denial of service (infinite loop) via an offset equal to the file size in the Range HTTP header...
CVE-2013-2182
The Mandril security plugin in Monkey HTTP Daemon (monkeyd) before 1.5.0 allows remote attackers to bypass access restrictions via a crafted URI, as demonstrated by an encoded forward slash...