1407 matches found
DEBIAN-CVE-2015-5073
Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers to cause a denial of service crash or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an...
CVE-2015-5073
Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers to cause a denial of service crash or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an...
Kernel Address Space Layout Randomization Recovery Software
Kernel Address Space Layout Randomization Recovery Software KASLRfinder is a small utility that can be used to find where in memory the Windows 10 kernel and its drivers are loaded – despite the addresses being randomized by Kernel Address Space Layout Randomization KASLR. The utility can be run ...
VMware Fusion Local Information Disclosure Vulnerability
VMware Fusion allows Windows applications to run seamlessly on Intel-based Mac machines. A local information disclosure vulnerability exists in VMware Fusion. Since System Integrity Protection SIP is enabled by default on Mac OS X, a local attacker can exploit the vulnerability to obtain kernel...
Bypassing ASLR in 60 Milliseconds
Address Space Layout Randomization was a champion hardening technology introduced in most major desktop and mobile operating systems as a mitigation against memory-based code-execution attacks. Bypassing ASLR, however, has become somewhat of a parlor game for attackers and white-hat researchers,...
The vulnerability of the Windows operating system, which allows a hacker to bypass the ASLR protection mechanism
The vulnerability of the Graphics Device Interface GDI component in the Windows operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass the ASLR protection mechanism by using a specially created application...
CVE-2016-3354
The Graphics Device Interface GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to bypass the ASLR protection mechanism via a crafted...
CVE-2016-0137
The Click-to-Run C2R implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."...
Microsoft Windows GDI Information Disclosure Vulnerability
Microsoft Windows is a family of operating systems released by Microsoft Corporation in the United States. Graphics Device Interface GDI is one of the graphics device interface components. An information disclosure vulnerability exists in the Graphics Device Interface in Microsoft Windows that...
Microsoft Edge Security Feature Bypass Vulnerability (CNVD-2016-04787)
Microsoft Edge is a web browser developed by Microsoft USA and is the default browser that comes with the Windows 10 operating system. A security bypass vulnerability exists in Microsoft Edge that originates from a program incorrectly implementing Address Space Layout Randomization ASLR. A remote...
MS16-085: Cumulative Security Update for Microsoft Edge (3169999)
The version of Microsoft Edge installed on the remote Windows host is missing Cumulative Security Update 3169999. It is, therefore, affected by multiple vulnerabilities : - A security feature bypass vulnerability exists due to a failure to properly implement Address Space Layout Randomization ASL...
The vulnerability of the Internet Explorer browser, which allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The Internet Explorer browser contains a vulnerability in its ASLR component a mechanism for randomizing the address space, which is related to errors in the implementation of the address space limitation. Exploiting this vulnerability can allow a malicious actor to bypass the ASLR limitation and...
The vulnerability of Adobe Pepper Flash software for Google Chrome allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability exists in Adobe Pepper Flash for Google Chrome, due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...
The vulnerability of Adobe Pepper Flash software for Google Chrome allows a malicious intruder to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability exists in Adobe Pepper Flash for Google Chrome, due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows attackers to bypass the ASLR Address Space Layout Redirection protection mechanism...
The vulnerability of the Internet Explorer browser, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.
There is a vulnerability in Internet Explorer that allows attackers to circumvent the ASLR Address Space Randomization protection mechanisms, which serve to protect users from various vulnerabilities. Simply bypassing this protection does not allow the execution of arbitrary code. However,...
The vulnerability in Microsoft.NET Framework software allows a malicious attacker to compromise the confidentiality of protected information.
Vulnerability exists in the Microsoft .NET Framework, and it allows attackers to circumvent the ASLR protection mechanism, which safeguards users against a wide range of vulnerabilities. Simply bypassing the protection mechanism itself does not allow the execution of arbitrary code. However,...
Vulnerability of Adobe AIR software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information
Vulnerability exists in Adobe AIR due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...
The vulnerability in Microsoft.NET Framework software allows a malicious attacker to compromise the confidentiality of protected information.
Vulnerability exists in the Microsoft .NET Framework, and it allows attackers to circumvent the ASLR protection mechanism, which safeguards users against a wide range of vulnerabilities. Simply bypassing the protection mechanism itself does not allow the execution of arbitrary code. However,...
The vulnerability of the Flash Player software allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability exists in the Adobe Flash Player due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...
The vulnerability of the Flash Player software allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability exists in the Adobe Flash Player due to the possibility of accessing information related to memory addresses. Exploiting this vulnerability allows an attacker to bypass the ASLR Address Space Layout Randomization protection mechanism...