Adobe Acrobat and Adobe Reader Plugin Object Reloading Memory Corruption (CVE-2009-2983)

Adobe develops products for creating, distributing, and viewing Portable Document Format PDF documents. Adobe Reader is a viewer application that allows for reading and the printing of PDF documents. Adobe Acrobat provides PDF authoring functionality in addition to those of viewing. In addition t...

Internet Explorer DOM Object Cache Management Memory Corruption (MS07-069; CVE-2007-5344)

Microsoft Internet Explorer IE is the most widely used web browser application. The browser is capable of processing HTML, scripting languages, and interpretation of various other popular Internet specifications. There are numerous versions of the HTML standard that are interpreted by the browser...

DSA-1988-1 qt4-x11 - several vulnerabilities

Bulletin has no description...

CVE-2010-0246

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a...

CVE-2010-0246

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that 1 was not properly initialized or 2 is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a...

ZDI-10-014: Microsoft Internet Explorer item Object Memory Corruption Remote Code Execution Vulnerability

ZDI-10-014: Microsoft Internet Explorer item Object Memory Corruption Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-014 January 21, 2010 -- CVE ID: CVE-2010-0248 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet Explorer --...

Microsoft Internet Explorer item Object Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of cloned DOM object...

Mozilla IFRAME Style Change Handling Code Execution (CVE-2008-1236)

Firefox is an open source web browser developed by Mozilla Foundation. The application is capable of interpreting and rendering many types of Internet content, including various versions of HTML, XML, CSS Cascade Style Sheet, Javascript, various graphic formats, and so on. Firefox is made availab...

'Blitzableiter' Protects Against Flash Player Exploits

A German security researcher has released an open-source tool that analyses and cleans up Flash code before playback to prevent security holes in Adobe Flash Player from being exploited. The tool, called “Blitzableiter” lightning rod, is the brainchild of Felix “FX” Lindner, a well-known hacker w...

PDF Containing Obfuscated Name Objects

New exploits were released for several remote code execution vulnerabilities that were discovered in the way Adobe Acrobat Reader and Foxit Reader handle specially crafted PDF files. Although various security products provide coverage against many malformed PDF files vulnerabilities, these new...

CVE-2009-3987

The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and SeaMonkey before 2.0.1, generates different exception messages depending on whether the referenced COM object is listed in the registry, which allows remote attackers to obtain potentially sensitive...

Mozilla Foundation Security Advisory 2009-71

Mozilla Foundation Security Advisory 2009-71 Title: GeckoActiveXObject exception messages can be used to enumerate installed COM objects Impact: Low Announced: December 15, 2009 Reporter: Gregory Fleischer Products: Firefox, SeaMonkey Fixed in: Firefox 3.5.6 Firefox 3.0.16 SeaMonkey 2.0.1...

FreeBSD : mozilla -- multiple vulnerabilities (01c57d20-ea26-11de-bd39-00248c9b4be7)

Mozilla Project reports : MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects MFSA 2009-70 Privilege escalation via chrome window.opener MFSA 2009-69 Location bar spoofing vulnerabilities MFSA 2009-68 NTLM reflection vulnerability MFSA 2009-67 Integer...

mozilla -- multiple vulnerabilities

Mozilla Project reports: MFSA 2009-71 GeckoActiveXObject exception messages can be used to enumerate installed COM objects MFSA 2009-70 Privilege escalation via chrome window.opener MFSA 2009-69 Location bar spoofing vulnerabilities MFSA 2009-68 NTLM reflection vulnerability MFSA 2009-67 Integer...

GeckoActiveXObject exception messages can be used to enumerate installed COM objects — Mozilla

Security researcher Gregory Fleischer reported that the exception messages generated by Mozilla's GeckoActiveXObject differ based on whether or not the requested COM object's ProgID is present in the system registry. A malicious site could use this vulnerability to enumerate a list of COM objects...

EasyMail SMTP ActiveX Control AddAttachment buffer overflow

Added: 12/10/2009 BID: 36440 OSVDB: 59939 Background QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products. Problem A stack buffer overflow vulnerability in the...

EasyMail SMTP ActiveX Control AddAttachment buffer overflow

Added: 12/10/2009 BID: 36440 OSVDB: 59939 Background QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products. Problem A stack buffer overflow vulnerability in the...

EasyMail SMTP ActiveX Control AddAttachment buffer overflow

Added: 12/10/2009 BID: 36440 OSVDB: 59939 Background QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products. Problem A stack buffer overflow vulnerability in the...

EasyMail SMTP ActiveX Control AddAttachment buffer overflow

Added: 12/10/2009 BID: 36440 OSVDB: 59939 Background QuikSoft EasyMail Objects is a set of ActiveX controls which provide e-mail functionality. QuikSoft EasyMail Objects is included with Oracle Document Capture among other products. Problem A stack buffer overflow vulnerability in the...

PT-2009-5945 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Microsoft Internet Explorer versions 7 through 8 Description: The issue arises from improper handling of objects in memory, allowing remote attackers to execute arbitrary code by accessing an object that was not properly initialized or has be...