CVE-2011-0989

The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, does not properly restrict data types, which allows remote attackers to modify internal read-only data structures, and cause a denial of service plugin crash or...

CVE-2011-0990

Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service plugin crash or...

Microsoft Office Excel Graphic Object Dereferencing (MS11-023; CVE-2011-0977)

A remote code execution vulnerability has been reported in the way that Microsoft Office Excel handles graphic objects when parsing a specially crafted Office file. Microsoft Excel is a popular spreadsheet application. An attacker who successfully exploited this vulnerability could take complete...

Linux Kernel 2.6.x - epoll Nested Structures Local Denial of Service

/ source: https://www.securityfocus.com/bid/46630/info The Linux Kernel epoll Subsystem is prone to multiple local denial-of-service vulnerabilities. Successful exploits will allow attackers to cause the kernel to hang, denying service to legitimate users. / include include int mainvoid int e1, e...

iDefense Security Advisory 02.08.11: Adobe Reader and Acrobat JP2K Invalid Indexing Vulnerability

iDefense Security Advisory 02.08.11 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 08, 2011 I. BACKGROUND Adobe Reader/Acrobat is a Portable Document Format Viewer PDF. For more information, see the vendor's site found at the following link. http://www.adobe.com/products/reader/ II...

CVE-2011-0093

ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures during the opening of a Visio file, which allows remote attackers to execute arbitrary code via a file containing a malformed structure, aka "Visio Data Type Memory Corruption Vulnerability."...

Ubuntu: Security Advisory (USN-1054-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1054-1)

Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. CVE-2010-0435 Dan Rosenberg discovered that the Linux kernel TIPC implementation...

CVE-2010-4655

net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAPNETADMIN capability for an ethtool ioctl call...

Linux Kernel 2.6.34 (Ubuntu 10.10 x86x64) - CAP_SYS_ADMIN Local Privilege Escalation (2)

Linux Kernel 2.6.34 Ubuntu 10.10 x86x64 - CAPSYSADMIN Local Privilege Escalation 2 / Linux Kernel CAPSYSADMIN to Root Exploit 2 32 and 64-bit by Joe Sylve @jtsylve on twitter Released: Jan 7, 2011 Based on the bug found by Dan Rosenberg @djrbliss only loosly based on his exploit...

Stack overflow

Stack-based buffer overflow in the econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures...

Apple QuickTime FPX Subimage Count Out-of-bounds Counter Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required in that a user must be coerced into opening up a malicious document or visiting a malicious website. The specific flaw exists within the way the...

kernel: sctp: do not reset the packet during sctp_packet_config

The sctppacketconfig function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service panic via a certain sequence of SCTP traffic...

CVE-2010-3848

Stack-based buffer overflow in the econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.36.2, when an econet address is configured, allows local users to gain privileges by providing a large number of iovec structures...

[SECURITY] Fedora 14 Update: apr-util-1.3.10-1.fc14

The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR; including support for XML, LDAP, database interfaces, URI parsing and more...

Fedora Update for apr-util FEDORA-2010-15916

Check for the Version of apr-util OpenVAS Vulnerability Test Fedora Update for apr-util FEDORA-2010-15916 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 13 Update: apr-util-1.3.10-1.fc13

The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR; including support for XML, LDAP, database interfaces, URI parsing and more...

kernel: net sched: fix some kernel memory leaks

The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors relate...

libspice: Relying on guest provided data structures to indicate memory allocation

libspice, as used in QEMU-KVM in the Hypervisor aka rhev-hypervisor in Red Hat Enterprise Virtualization RHEV 2.2 and qspice 0.3.0, does not properly restrict the addresses upon which memory-management actions are performed, which allows guest OS users to cause a denial of service guest OS crash ...

Microsoft Office Word sprmCMajority Record Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists in the parsing of sprmCMajority records...