63 matches found
use-after-free in IDBKeyRange — Mozilla
Using the Address Sanitizer tool, security researcher Aki Helin from OUSPG found that IDBKeyRange of indexedDB remains in the XPConnect hashtable instead of being unlinked before being destroyed. When it is destroyed, this causes a use-after-free, which is potentially exploitable...
FreeBSD : chromium -- multiple vulnerabilities (99aef698-66ed-11e1-8288-00262d5ed8ee)
Google Chrome Releases reports : 105867 High CVE-2011-3031: Use-after-free in v8 element wrapper. Credit to Chamal de Silva. 108037 High CVE-2011-3032: Use-after-free in SVG value handling. Credit to Arthur Gerkis. 108406 115471 High CVE-2011-3033: Buffer overflow in the Skia drawing library...
Stable Channel Update
The Chrome team is excited to announce the release of Chrome 17 to the Stable Channel for Windows, Mac, Linux and Chrome Frame. 17.0.963.46 contains a number of new features including: New Extensions APIs Updated Omnibox Prerendering Download Scanning Protection Many other small changes Security...
Chrome Stable Release
The Google Chrome team is happy to announce the arrival of Chrome 15.0.874.102 to the Stable Channel for Windows, Mac, Linux, and Chrome Frame. Chrome 15 contains some really great improvements including a new New Tab page. You can read about it more on the Google Chome blog. Security fixes and...
Multiple Vulnerabilities Found by PROTOS IPSec Test Suite - Cisco Systems
Multiple Cisco products contain vulnerabilities in the processing of IPSec IKE Internet Key Exchange messages. These vulnerabilities were identified by the University of Oulu Secure Programming Group OUSPG "PROTOS" Test Suite for IPSec and can be repeatedly exploited to produce a denial of servic...
Design/Logic Flaw
Multiple unspecified vulnerabilities in RARLAB WinRAR before 3.71 have unknown impact and attack vectors related to crafted 1 ACE, 2 ARJ, 3 BZ2, 4 CAB, 5 GZ, 6 LHA, 7 RAR, 8 TAR, or 9 ZIP files, as demonstrated by the OUSPG PROTOS GENOME test suite for Archive Formats...
Design/Logic Flaw
Sophos Anti-Virus for Windows before 7.6.3, Anti-Virus for Windows NT/9x before 4.7.18, Anti-Virus for OS X before 4.9.18, Anti-Virus for Linux before 6.4.5, Anti-Virus for UNIX before 7.0.5, Anti-Virus for Unix and Netware before 4.37.0, Sophos EM Library, and Sophos small business solutions, wh...
FreeBSD Ports: pwlib
The remote host is missing an update to the system as announced in the referenced advisory. VID 27c331d5-64c7-11d8-80e3-0020ed76ef5a OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: pwlib
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2004-2758
CVE-2004-2758 affects Sun SunForum 3.2 and Sun Forum 3D 1.0 via the H.323 protocol implementation. The NVD entry describes multiple unspecified vulnerabilities that allow remote attackers to cause a denial of service (segmentation fault and process crash), demonstrated via the PROTOS test suite f...
Code injection
Unspecified vulnerability in the 1 web cache or 2 web proxy in Fujitsu NetShelter/FW allows remote attackers to cause a denial of service device unresponsiveness via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-2240
CVE-2006-2240 concerns an unspecified vulnerability in the Fujitsu NetShelter/FW web cache or web proxy. The issue reportedly allows remote attackers to cause a denial of service resulting in device unresponsiveness, via certain DNS packets, as demonstrated by the OUSPG PROTOS DNS test suite. The...
CVE-2006-2077
Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact and attack vectors. NOTE: this issue might be related to the OUSPG PROTOS DNS test suite...
Buffer overflow
Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact and attack vectors. NOTE: this issue might be related to the OUSPG PROTOS DNS test suite...
Design/Logic Flaw
Unspecified vulnerability in MyDNS 1.1.0 allows remote attackers to cause a denial of service via a crafted DNS message, aka "Query-of-death," as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-2077
Buffer overflow in Paul Rombouts pdnsd before 1.2.4 has unknown impact and attack vectors. NOTE: this issue might be related to the OUSPG PROTOS DNS test suite...
CVE-2006-2074
Unspecified vulnerability in Juniper Networks JUNOSe E-series routers before 7-1-1 has unknown impact and remote attack vectors related to the DNS "client code," as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-2073
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite...
Code injection
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite...
CVE-2006-2073
Unspecified vulnerability in ISC BIND allows remote attackers to cause a denial of service via a crafted DNS message with a "broken" TSIG, as demonstrated by the OUSPG PROTOS DNS test suite...