174 matches found
Design/Logic Flaw
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...
CVE-2018-1000024
The CVE-2018-1000024 vulnerability affects Squid HTTP Caching Proxy (versions 3.0–3.5.27 and 4.0–4.0.22). It is caused by Incorrect Pointer Handling in ESI Response Processing, enabling a Denial of Service when a remote server delivers an HTTP response payload with valid but unusual ESI syntax. I...
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...
UBUNTU-CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server...
Updated squid packages fix security vulnerabilities
Due to incorrect pointer handling Squid is vulnerable to denial of service attack when processing ESI responses. This problem allows a remote server delivering certain ESI response syntax to trigger a denial of service for all clients accessing the Squid service SQUID-2018:1. Due to incorrect...
Squid Proxy ESI Response Processing Denial of Service (CVE-2016-4555)
A denial of service vulnerability has been reported in the Edge Side Includes ESI component of the Squid proxy. The vulnerability is due to incorrect pointer handling when processing ESI responses. A remote attacker could exploit this vulnerability by sending crafted ESI response data to the targ...
The vulnerability of the Android operating system, which allows a hacker to increase their privileges
The vulnerability of the secure-session function in the mm-video-v4l2 venc component of the Android operating system’s media server is related to incorrect handling of stack pointers. Exploiting this vulnerability could allow a local attacker to enhance their privileges through a specially create...
Debian DSA-3625-1 : squid3 - security update
Several security issues have been discovered in the Squid caching proxy. - CVE-2016-4051 : CESG and Yuriy M. Kaminskiy discovered that Squid cachemgr.cgi was vulnerable to a buffer overflow when processing remotely supplied inputs relayed through Squid. - CVE-2016-4052 : CESG discovered that a...
The vulnerability of the Android operating system, which allows a hacker to increase their privileges
The vulnerability in the file mm-video-v4l2/vidc/vdec/src/omxvdecmsm8974.cpp of the Android operating system is related to incorrect pointer handling. Exploiting this vulnerability can allow a malicious actor to gain increased privileges through a specially created application...
The vulnerability of the Android operating system, which allows a hacker to increase their privileges
The vulnerability in the file mm-video-v4l2/vidc/vdec/src/omxvdecmsm8974.cpp of the Android operating system is related to incorrect pointer handling. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain increased privileges through a specially created applicatio...
CVE-2016-2478
mm-video-v4l2/vidc/vdec/src/omxvdecmsm8974.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 mishandles pointers, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or...
CVE-2016-1945
The nsZipArchive function in Mozilla Firefox before 44.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging incorrect use of a pointer during processing of a ZIP archive...
Null pointer dereference
unzoo allows remote attackers to cause a denial of service infinite loop and resource consumption via unspecified vectors to the 1 ExtrArch or 2 ListArch function, related to pointer handling...
CVE-2015-1846
unzoo allows remote attackers to cause a denial of service infinite loop and resource consumption via unspecified vectors to the 1 ExtrArch or 2 ListArch function, related to pointer handling...
Microsoft Silverlight Remote Code Execution Vulnerabilities (2861561)
This host is missing a critical security update according to Microsoft Bulletin MS13-052. OpenVAS Vulnerability Test $Id: secpodsilverlightms13-052.nasl 8190 2017-12-20 09:44:30Z cfischer $ Microsoft Silverlight Remote Code Execution Vulnerabilities 2861561 Authors: Antu Sanadi Copyright: Copyrig...
Spoofing
Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers incorrect pointer handling, aka "Publisher Pointer Handling Vulnerability."...
CVE-2013-1328
CVE-2013-1328 affects Microsoft Publisher components: Publisher 2003 SP3, 2007 SP3, and 2010 SP1. It enables remote code execution when a user opens a specially crafted Publisher file, due to an incorrect pointer handling vulnerability in Publisher. Exploitation could allow arbitrary code executi...
Debian Security Advisory DSA 2296-1 (iceweasel)
The remote host is missing an update to iceweasel announced via advisory DSA 2296-1. OpenVAS Vulnerability Test $Id: deb22961.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2296-1 iceweasel Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...