Adobe Flash Player and AIR Null Pointer Reference Denial of Service Vulnerability (CNVD-2015-04554)

Adobe Flash Player is a player that parses SWF content. Adobe AIR is a technology developed for the integration of web and desktop applications, which allows you to control cloud-based programs on the web without having to go through a browser. Adobe Flash Player and AIR are implemented with a nu...

Microsoft Windows Kernel 'Win32k.sys' Null Pointer Reference Vulnerability

Microsoft Windows is a popular operating system. A null pointer reference vulnerability in Microsoft Windows Kernel 'Win32k.sys' allows local attackers to exploit the vulnerability to execute arbitrary code with elevated privileges...

IPsec-Tools Null Pointer Reference Denial of Service Vulnerability

IPsec-Tools is a user-space implementation of different IPSecs ported from KAME's libipsec, setkey and racoon, and supports various BSD systems. A null pointer reference vulnerability exists in IPsec-Tools, which allows remote attackers to crash an application by submitting a special request...

Apache HTTP Server 'protocol.c' Remote Denial of Service Vulnerability

Apache HTTP Server is an open source web server from the Apache Software Foundation. Apache HTTP Server 2.2.29/2.4.12 suffers from a null pointer indirect reference vulnerability in the implementation. An attacker is allowed to exploit this vulnerability to crash the application, resulting in a...

Apple Mac OS X NVIDIA Graphics Driver Null Pointer Reference Vulnerability

Apple Mac OS X is an operating system developed by Apple Inc. Apple Mac OS X NVIDIA Graphics Driver Handling A null pointer reference vulnerability exists in certain IOService user client types, which could allow a local user to gain privileges or cause a denial of service null pointer...

MIT Kerberos ASN.1 asn1_decode_generaltime Uninitialized Pointer Reference - Ver2 (CVE-2009-0846)

MIT Kerberos V5 is an implementation of the Kerberos protocol that allows for the negotiation of an authenticated, and optionally encrypted, communication channel between two points on a network. The MIT Kerberos V5 server utilizes the encrypted SUN-RPC protocol to communicate with its remote...

MGASA-2014-0008 Updated openssl package fixes security vulnerability

A flaw was reported for OpenSSL 1.0.1e, that can cause application using OpenSSL to crash when using TLS version 1.2 CVE-2013-6449. Also, a NULL pointer reference issue has been fixed in SSLgetcertificate mga11549...

Updated openssl package fixes security vulnerability

A flaw was reported for OpenSSL 1.0.1e, that can cause application using OpenSSL to crash when using TLS version 1.2 CVE-2013-6449. Also, a NULL pointer reference issue has been fixed in SSLgetcertificate mga11549...

Firefly Media Server firefly.exe畸形HTTP请求远程拒绝服务漏洞

BUGTRAQ ID: 56999 CVECAN ID: CVE-2012-5875 Firefly Media Server是开源的音频媒体服务器。 Firefly Media Server 1.0.0.1359及其他版本存在多个空指针引用漏洞，恶意用户可利用这些漏洞造成远程服务器崩溃。 1）"firefly.exe"文件内的HTTP CONNECTION标头没有正确处理，通过发送特制的报文到9999/TCP端口，可导致空指针引用，造成受影响服务器立即崩溃。 崩溃细节： EIP: 0041e223 cmp byte ecx,0x20 EAX: 0175eee8 24506088 -...

DOS and crash with full screen and history navigation — Mozilla

Security researcher Soroush Dalili reported that a combination of invoking full screen mode and navigating backwards in history could, in some circumstances, cause a hang or crash due to a timing dependent use-after-free pointer reference. This crash may be potentially exploitable...

RHEL 6 : kernel (RHSA-2012:0481)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0481 advisory. - kernel: sysctl: restrict write access to dmesgrestrict CVE-2011-4080 - kernel: block: CLONEIO iocontext refcounting issues CVE-2012-0879 -...

Flash Player (Flash6.ocx) Denial Of Service

PARAM NAME="AllowScriptAccess"...

Flash Player - 'Flash6.ocx' AllowScriptAccess Denial of Service (PoC)

PARAM NAME="AllowScriptAccess"...

Linux kernel 2.6.x L2TP实现远程拒绝服务漏洞

BUGTRAQ ID: 41077 CVE ID: CVE-2010-2495 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的L2TP实现中drivers/net/pppol2tp.c文件中的pppol2tpxmit函数没有验证某些与接口相关的值，远程攻击者可以通过发送恶意L2TP报文触发空指针引用，导致拒绝服务的情况。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Microsoft Internet Explorer Remote Code Execution Vulnerability (979352)

The host is installed with Internet Explorer and is prone to Remote Code Execution vulnerability. This NVT has been replaced by NVT secpodms10-002.nasl OID:1.3.6.1.4.1.25623.1.0.901097. OpenVAS Vulnerability Test $Id: gbmsiedepremotecodeexecvuln.nasl 6527 2017-07-05 05:56:34Z cfischer $ Microsoft...

Linux Kernel sg_build_indirect函数本地拒绝服务漏洞

CVE ID: CVE-2009-3288 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的drivers/scsi/sg.c文件中的sgbuildindirect函数在访问数组时使用了错误的变量，这允许本地攻击者通过使用xcdroast复制CD导致内核崩溃和空指针引用。仅有可打开光驱设备的用户才可以利用这个漏洞。 Linux kernel 2.6.28-rc1 - 2.6.31-rc8 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Apple Safari 4.0.3 null pointer reference

Здравствуйте, 3APA3A ! При отправке формы с пустым внутри Safari падает с ошибкой чтения из нулевого участка памяти. Подтверждено на Windows и MacOS, ошибку вызывает модуль webkit. Пример: http://student-mati.front.ru/boom.htm...

Microsoft Windows畸形AVI文件解析多个代码执行漏洞（MS09-038）

BUGTRAQ ID: 35970,35967 CVECAN ID: CVE-2009-1546,CVE-2009-1545 Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows处理特制AVI格式文件的方式中存在整数溢出和指针引用错误。如果用户打开了特制的AVI文件，这些漏洞可能允许执行代码。 Microsoft Windows XP SP3 Microsoft Windows XP SP2 Microsoft Windows Vista SP2 Microsoft Windows Vista SP1 Microsoft Windows...

Linux Kernel kvm_arch_vcpu_ioctl_set_sregs()函数本地拒绝服务漏洞

BUGTRAQ ID: 35529 CVECAN ID: CVE-2009-2287 Linux Kernel是开放源码操作系统Linux所使用的内核。 运行在x86系统上的Linux Kernel的KVM中kvmarchvcpuioctlsetsregs函数没有正确地验证KVMSETSREGS调用中的页表根，本地用户可以通过提交特制的cr3值在gfntormap函数中触发空指针引用，导致受影响的系统崩溃。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Xpdf JBIG2处理多个缓冲区溢出和拒绝服务漏洞

BUGTRAQ ID: 34568 CVECAN ID: CVE-2009-0146,CVE-2009-0147,CVE-2009-0166,CVE-2009-0799,CVE-2009-0800,CVE-2009-1179,CVE-2009-1180,CVE-2009-1181,CVE-2009-1182,CVE-2009-1183,CVE-2009-1187,CVE-2009-1188 Xpdf是便携文档格式（PDF）文件的开放源码查看器。...