USN-2188-1 elfutils vulnerability

Florian Weimer discovered that the elfutils libdw library incorrectly handled malformed compressed debug sections in ELF files. If a user or automated system were tricked into processing a specially crafted ELF file, applications linked against libdw could be made to crash, or possibly execute...

UBUNTU-CVE-2014-0172

Integer overflow in the checksection function in dwarfbeginelf.c in the libdw library, as used in elfutils 0.153 and possibly through 0.158 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a malformed compressed debug section in an ELF...

CVE-2013-4737

The CONFIGSTRICTMEMORYRWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, does not properly consider certain memory sections, which makes it easier for attackers to bypass intended access restrictions by...

[SECURITY] Fedora 18 Update: drupal7-context-3.1-1.fc18

Context allows you to manage contextual conditions and reactions for differ ent portions of your site. You can think of each context as representing a "sec tion" of your site. For each context, you can choose the conditions that trigger this context to be active and choose different aspects of...

Fedora Update for drupal7-context FEDORA-2013-20976

Check for the Version of drupal7-context OpenVAS Vulnerability Test Fedora Update for drupal7-context FEDORA-2013-20976 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

Autocad DWG-AC1021 Heap Corruption

AutoCAD is a software for computer-aided design CAD and technical drawing in 2D/3D, being one of the world leading CAD design tools. It is developed and sold by Autodesk, Inc. Title: AutoCAD DWG-AC1021 Heap Corruption CVE Name: CVE-2013-3665 Permalink:...

digit_sum

This plugin tries to find new URLs by changing the numbers that are present on it. Two configurable parameters exist: fuzzImages maxDigitSections An example will clarify what this plugin does, lets suppose that the input for this plugin is: http://host.tld/index1.asp This plugin will request:...

Mandriva Linux Security Advisory : emacs (MDVSA-2013:076)

Updated emacs packages fix security vulnerabilities : Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent...

About shellcodes

In this post we have documented a beginners introduction to shellcode writing. We go from zero to a super simple shellcode using tools you may find already installed in any serious operating system. If you are looking for a digested and more mature way of generating shellcode you should check...

Design/Logic Flaw

Use-after-free vulnerability in Google Chrome before 20.0.1132.43 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to tables that have sections...

CVE-2012-2817

Removed by vendor...

[SECURITY] Fedora 17 Update: perl-Config-IniFiles-2.72-1.fc17

Config::IniFiles provides a way to have readable configuration files outside your Perl script. Configurations can be imported inherited, stacked,..., sections can be grouped, and settings can be accessed from a tied hash...

[SECURITY] Fedora 16 Update: perl-Config-IniFiles-2.72-1.fc16

Config::IniFiles provides a way to have readable configuration files outside your Perl script. Configurations can be imported inherited, stacked,..., sections can be grouped, and settings can be accessed from a tied hash...

Family CMS 2.9 - Multiple Vulnerabilities

Family CMS 2.9 and earlier multiple Vulnerabilities =================================================================================== Exploit Title: Family CMS 2.9 and earlier multiple Vulnerabilities Download link...

FreeBSD Ports: chromium

The remote host is missing an update to the system as announced in the referenced advisory. VID 99aef698-66ed-11e1-8288-00262d5ed8ee OpenVAS Vulnerability Test $ Description: Auto generated from VID 99aef698-66ed-11e1-8288-00262d5ed8ee Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

CVE-2011-3042

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections...

CVE-2011-3042

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections...

Design/Logic Flaw

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections...

CVE-2011-3042

Removed by vendor...

CVE-2011-3042

Use-after-free vulnerability in Google Chrome before 17.0.963.65 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of table sections...