36 matches found
CVE-2011-1982
CVE-2011-1982 describes an uninitialized object pointer vulnerability in Microsoft Office (notably Office 2007 SP2, and Office 2010 Gold/SP1) that can allow remote code execution when opening Word documents via a crafted file. The underlying issue is an uninitialized pointer in MSO.dll triggered ...
flash-plugin: multiple code execution flaws (APSB11-02)
Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560,...
RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute code on vulnerable installations of RealPlayer. User interaction is required in that a user must open a malicious file or visit a malicious web site. The specific flaw exists during the parsing of files with improperly defined ASMRuleBook...
iDefense Security Advisory 10.13.09: Microsoft Office Drawing Format Shape Properties Memory Corruption Vulnerability
iDefense Security Advisory 10.13.09 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 13, 2009 I. BACKGROUND Microsoft Office is a suite of products used for document, spreadsheet, and presentation creation and viewing. Office Drawing Format is a binary file format developed by Microsoft...
ZDI-09-033: Apple WebKit dir Attribute Freeing Dangling Object Pointer Vulnerability
ZDI-09-033: Apple WebKit dir Attribute Freeing Dangling Object Pointer Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-033 June 8, 2009 -- CVE ID: CVE-2009-1701 -- Affected Vendors: Apple -- Affected Products: Apple Safari -- Vulnerability Details: This vulnerability allows...
Apple WebKit dir Attribute Freeing Dangling Object Pointer Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable software utilizing the Apple WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when the document.body element contains a...
Integer overflow
Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen,...
CVE-2009-1097
Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen,...
Null pointer dereference
CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted text content that triggers an access of an uninitialized object pointer...
CVE-2007-4682
CoreText in Apple Mac OS X 10.4 through 10.4.10 allows attackers to cause a denial of service (application crash) and possibly execute arbitrary code via crafted text content that triggers an access of an uninitialized object pointer...
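联众世界 Game Hall GLItemCom.DLL ActiveX Control Heap Overflow Vulnerability
BUGTRAQ ID: 25565 联众世界 Game Hall is a game client developed in-house by 联众世界 that combines board and card games, casual games, and competitive play. The SetClientInfo function in the GLItemCom.DLL ActiveX control installed by 联众世界 Game Hall contains a heap overflow vulnerability. If a user is tricked into visiting a malicious web page with IE, the overflow can be triggered, leading to execution of arbitrary instructions on the user's system. The following is the publicly disclosed PoC code: -----Cut Below------------------------------------------------------------------ OBJECT id=target...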
Fuzzing in Microsoft Word: Overflow Analysis and Use - Vulnerability and Early Warning - The Black Bar Safety Net
This article was published in the July 2007 issue of Hacker Line of Defense. The author and Hacker Line of Defense retain the copyright; if reproduced, please indicate the original source. Intended readers: overflow enthusiasts. Prerequisite knowledge: assembly language, buffer...
VulnCheck KEV: CVE-2006-2492
Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code...
Buffer overflow
Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack...
CVE-2006-2492
Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack...