(Pwn2Own\Pwn4Fun) Apple OS X IOKit Kernel Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within IOKit. The...

kernel: cifs: incorrect handling of bogus user pointers during uncached writes

The cifsiovecwrite function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service memory...

Oracle Data Quality DateTimeWrapper onchange Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Oracle Data Quality PostcardPreviewInt onclose Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Oracle Data Quality FileChooserDlg onChangeDirectory Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

UBUNTU-CVE-2014-0981

VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer ...

CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities 1. Advisory Information Title: Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities Advisory ID: CORE-2014-0002 Advisory URL:...

kernel: cifs: incorrect handling of bogus user pointers during uncached writes

The cifsiovecwrite function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service memory...

CVE-2013-3896

Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."...

DEBIAN-CVE-2013-2195

The Elf parser libelf in Xen 4.2.x and earlier allow local guest administrators with certain permissions to have an unspecified impact via a crafted kernel, related to "pointer dereferences" involving unexpected calculations...

The story of MS13-002: How incorrectly casting fat pointers can make your code explode

C++ supports developers in object-orientated programming and removes from the developer the responsibility of dealing with many object-oriented programming OOP paradigm problems. But these problems do not magically disappear. Rather it is the compiler that aims to provide a solution to many of th...

Immunity Canvas: NOVELL_NICM

Name| novellnicm ---|--- CVE| CVE-2013-3956 Exploit Pack| CANVAS Description| nicm.sys Privilege Escalation Notes| CVE Name: CVE-2013-3956 Notes: The IOCTL handler for the nicm.sys driver in Novell Client IR5 does not validate pointers from usermode buffers. When passing in the IOCTL 0x143B6B an...

MS13-052: Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)

The version of the .NET Framework installed on the remote host is reportedly affected by the following vulnerabilities : - A vulnerability exists in the way that affected components handle specially crafted TrueType font files that could lead to remote code execution. An attacker could leverage...

CVE-2013-1328

Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers incorrect pointer handling, aka "Publisher Pointer Handling Vulnerability."...

Kernel: xfrm_user: return error pointer instead of NULL

The xfrmstatenetlink function in net/xfrm/xfrmuser.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dumponestate function calls, which allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash by leveraging the...

DEBIAN-CVE-2013-2496

The msrledecode8162432 function in msrledec.c in libavcodec in FFmpeg through 1.1.3 does not properly determine certain end pointers, which allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via crafted...

DEBIAN-CVE-2013-2477

The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service application crash via a malformed packet...

CVE-2013-2477

The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service application crash via a malformed packet...

DEBIAN-CVE-2012-6034

The 1 tmemcsavegetnextpage and 2 tmemcsavegetnextinv functions and the 3 TMEMCSAVEGETPOOLUUID sub-operation in the Transcendent Memory TMEM in Xen 4.0, 4.1, and 4.2 "do not check incoming guest output buffer pointers," which allows local guest OS users to cause a denial of service memory corrupti...

Adobe Reader 10.1.4 - JP2KLibCoolType Crash (PoC)

Adobe Reader 10.1.4 - JP2KLibCoolType Crash PoC Title : Adobe Reader 10.1.4 JP2KLib&CoolType WriteAV Vulnerability Version : 10.1.4.38 Date : 2012-11-20 Vendor : http://www.adobe.com/ Impact : Med/High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Author : coolkav...