7 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-16995
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The checkaluop function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service memory corruption or possibly...
UBUNTU-CVE-2023-52933
In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix handling and sanity checking of xattrids count A Sysbot 1 corrupted filesystem exposes two flaws in the handling and sanity checking of the xattrids count in the filesystem. Both of these flaws cause computation...
CVE-2017-9106
CVE-2017-9106 affects adns up to version 1.5.1 (before 1.5.2). The issue lies in adns_rr_info handling a bogus datap where integer formatting uses a fixed-size buffer; if input is out of the permitted range, a buffer overrun can occur due to sign extension of SOA 32-bit integers. The result is a ...
UBUNTU-CVE-2017-16995
The checkaluop function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service memory corruption or possibly have unspecified other impact by leveraging incorrect sign extension...
UBUNTU-CVE-2015-8869
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function...
Microsoft Internet Explorer jsdbgui Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
[Full-disclosure] 0-day XP SP2 wmf exploit (some details)
There is some details for wannabees : 1. 'Bad' wmf record: 07 00 00 00 length of record in words FC 02 type CreateBrushIndirect 08 00 00 00 00 00 00 80 'packed' good old Win16 days LOGBRUSH data: 08 00 - 'packed' lpStyle may be BSDIBPATTERNPT 6 or BSDIBPATTERN8X8 8 00 00 00 00 - COLORREF any 00 8...