CVE-2010-1806

Apple Safari WebKit Use-After-Free in run-in styling (CVE-2010-1806): affected are Safari 4.x before 4.1.2 and Safari 5.x before 5.0.2. Root cause is a use-after-free related to object pointers when processing run-in elements, allowing remote code execution or a denial of service (application cra...

Mozilla Firefox 3.5.x < 3.5.12 Multiple Vulnerabilities

Binary data 5656.prm...

qemu: Insufficient guest provided pointers validation

QEMU-KVM, as used in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and KVM 83, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service invalid pointer dereference and guest OS crash or possibly gain privileg...

libspice: Insufficient guest provided pointers validation

libspice, as used in QEMU-KVM in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service invalid pointer dereference and guest OS crash or...

libspice: Insufficient guest provided pointers validation

libspice, as used in QEMU-KVM in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and qspice 0.3.0, does not properly validate guest QXL driver pointers, which allows guest OS users to cause a denial of service invalid pointer dereference and guest OS crash or...

Lithtech Engine - Memory Corruption

Original Advisory: http://aluigi.org/adv/fearless-adv.txt Luigi Auriemma Application: Lithtech engine http://www.lithtech.com Games: any game should be affected, refer to http://en.wikipedia.org/wiki/LithtechLithtechimplementations those personally tested by me are: F.E.A.R. = 1.08 F.E.A.R. 2...

Adobe Acrobat and Reader Multiple Vulnerabilities (Jul 2010) - Windows

Adobe Reader/Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Adobe Reader Multiple Vulnerabilities (Jul 2010) - Linux

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

Adobe Flash Player/Air Multiple Vulnerabilities (Jun 2010) - Windows

Adobe Flash Player/Air is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Adobe Flash Player/Air Multiple Vulnerabilities - June10 (Linux)

This host is installed with Adobe Flash Player/Air and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodadobeprdtsmultvulnjun10lin.nasl 6476 2017-06-29 07:32:00Z cfischer $ Adobe Flash Player/Air Multiple Vulnerabilities - June10 Linux Authors: Antu Sanadi Copyright:...

ZDI-10-088: Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability

ZDI-10-088: Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-088 May 11, 2010 -- CVE ID: CVE-2010-1283 -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player -- TippingPointTM IPS Customer Protection: TippingPoin...

CVE-2010-1229

The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not properly use pointers, which has unspecified impact and attack vectors...

CVE-2010-1229

Removed by vendor...

CVE-2010-0425

modules/arch/win32/modisapi.c in modisapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapiunload for an ISAPI .dll module, which allows remote attackers ...

Microsoft SQL Server sp_replwritetovarbin Memory Corruption

$Id: ms09004spreplwritetovarbin.rb 8068 2010-01-05 00:02:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

SuSE 11 Security Update : libxml2 (SAT Patch Number 1177)

This update of libxml2 does not use pointers after they were freed anymore. CVE-2009-2416 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...

kernel: uninit op in SOCKOPS_WRAP() leads to privesc

The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in protoops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on...

Mandrake Security Advisory MDVSA-2009:233 (kernel)

The remote host is missing an update to kernel announced via advisory MDVSA-2009:233. OpenVAS Vulnerability Test $Id: mdksa2009233.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:233 kernel Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft In...

Linux kernel uninitialized pointers

protoops structure uninitialized pointers...

kernel: uninit op in SOCKOPS_WRAP() leads to privesc

The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in protoops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on...