22 matches found
EUVD-2002-1860
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2018-9165
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The pushdup function in util/decompile.c in libming through 0.4.8 does not recognize the need for ActionPushDuplicate to perform a deep copy when a String is at...
Linux Distros Unpatched Vulnerability : CVE-2019-12982
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ming aka libming 0.4.8 has a heap buffer overflow and underflow in the decompileCAST function in util/decompile.c in libutil.a. Remote attackers could leverage...
Linux Distros Unpatched Vulnerability : CVE-2018-5294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libming 0.4.8, there is an integer overflow caused by an out-of-range left shift in the readUInt32 function util/read.c. Remote attackers could leverage this...
Linux Distros Unpatched Vulnerability : CVE-2016-9831
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the parseSWFRGBA function in parser.c in the listswf tool in libming 0.4.7 allows remote attackers to have unspecified impact via ...
UBUNTU-CVE-2019-12982
Ming aka libming 0.4.8 has a heap buffer overflow and underflow in the decompileCAST function in util/decompile.c in libutil.a. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted SWF file...
UBUNTU-CVE-2018-8961
In libming 0.4.8, the decompilePUSHPARAM function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file...
UBUNTU-CVE-2018-6315
The outputSWFTEXTRECORD function util/outputscript.c in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file...
Adobe Flash Player Memory Error Reference Remote Code Execution Vulnerability (CNVD-2016-10244)
Adobe Flash Player is a cross-platform, browser-based multimedia player product. Adobe Flash Player is implemented with a memory error referencing remote code execution vulnerability. This vulnerability can be exploited by remote attackers to construct a malicious SWF file that can be parsed by a...
Neutrino EK Spotted Leveraging Patched IE Zero Day
Attackers behind the Neutrino Exploit Kit didn’t take long to co-op a recently patched Internet Explorer zero-day into its arsenal. Researchers claim the kit has been pushing CVE-2016-0189, a vulnerability that was reportedly used in targeted attacks on South Korean organizations earlier this yea...
CVE-2010-0987
Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via crafted embedded fonts in a Shockwave file...
CVE-2010-0986
Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted Shockwave file...
Heap overflow
Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via crafted embedded fonts in a Shockwave file...
Memory corruption
Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted Shockwave file...
Memory corruption
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted FFFFFF45h Shockwave 3D blocks in a Shockwave file...
CVE-2010-0986
Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service memory corruption or possibly execute arbitrary code via a crafted Shockwave file...
CVE-2009-4003
Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via 1 an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via 2 an unspecified 3D...
Heap overflow
Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 allows remote attackers to execute arbitrary code via a crafted 3D model in a Shockwave file...
Integer overflow
Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via 1 an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via 2 an unspecified 3D...
flash-plugin input validation flaw
Integer overflow in Adobe Flash Player 9.0.45.0 and earlier might allow remote attackers to execute arbitrary code via a large length value for a 1 Long string or 2 XML variable type in a crafted a FLV or b SWF file, related to an "input validation error," including a signed comparison of values...