1575 matches found
spice: host memory access from guest using crafted images
A heap-based buffer overflow flaw was found in the way SPICE handled certain guest QXL commands related to surface creation. A user in a guest could use this flaw to read and write arbitrary memory locations on the host...
Spice 'surface_id' Heap Overflow Vulnerability
SPICE Simple Protocol for Independent Computing Environments is one of the three main technology components of Red Hat Enterprise Virtualized Desktop Edition, an adaptive remote submission protocol that delivers the exact same end-user experience as a physical desktop. A security vulnerability...
McAfee founder: the Surface Pro 4 will have a 1 0 0 security vulnerabilities-vulnerability warning-the black bar safety net
Microsoft's next generation Surface Pro 4 fusion their Windows 1 0 OS, Intel Skylake six-generation Core Processor, the overall performance is still very good, of course, also added a variety of hardware and software security features, however, McAfee's founder John McAfee may not be so confident...
UBUNTU-CVE-2015-5261
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation...
CVE-2015-5261
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitrary memory locations on the host via guest QXL commands related to surface creation...
The vulnerability of the Firefox browser, which allows a perpetrator to gain access to protected information or cause a service failure
The vulnerability of the gfx/2d/DataSurfaceHelpers.cpp component in the Firefox browser is caused by buffer overflow. Exploiting this vulnerability can allow an attacker to gain access to protected information or cause a service failure by using the CANVAS element to switch to 2D rendering mode,...
Mozilla Firefox and Firefox ESR gfx/2d/DataSurfaceHelpers.cpp Buffer Overflow Vulnerability
Mozilla Firefox is an open source web browser. A security vulnerability exists in Mozilla Firefox gfx/2d/DataSurfaceHelpers.cpp, which allows remote attackers to crash an application or execute arbitrary code by triggering a 2D display using the CANVAS element...
Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface
A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vncrefreshserversurface routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process...
Important: Red Hat Security Advisory: qemu-kvm-rhev security update
Updated qemu-kvm-rhev packages that fix one security issue are now available for Red Hat Enterprise Virtualization Hypervisor 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...
Qemu: ui: vnc: heap memory corruption in vnc_refresh_server_surface
A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vncrefreshserversurface routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process...
UBUNTU-CVE-2015-5260
Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service heap-based memory corruption and QEMU-KVM crash or possibly execute arbitrary code on the host via QXL commands related to the surfaceid parameter...
CVE-2015-5225
Buffer overflow in the vncrefreshserversurface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service heap memory corruption and process crash or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the serve...
The vulnerability of the Firefox ESR browser, which allows a hacker to read data from uninitialized memory areas
The vulnerability of the YCbCrImageDataDeserializer::ToDataSourceSurface function in Firefox ESR browsers is related to code errors. Exploiting this vulnerability may allow an attacker to read data from uninitialized memory areas remotely...
Mozilla: Vulnerabilities found through code inspection (MFSA 2015-66)
The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified impact and attack vectors...
UBUNTU-CVE-2015-0806
The Off Main Thread Compositing OMTC implementation in Mozilla Firefox before 37.0 attempts to use memset for a memory region of negative length during interaction with the mozilla::layers::BufferTextureClient::AllocateForSurface function, which allows remote attackers to execute arbitrary code o...
Debian DLA-83-1 : ffmpeg update
This update to ffmpeg disables support for over 100 codecs, decoders, and formats that are rarely used nowadays, for which the support available in squeeze is most likely insufficient, etc. This update is only meant to reduce the attack surface. ffmpeg is otherwise unsupported in squeeze-lts, and...
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2513-1)
A flaw was discovered in the Kernel Virtual Machine's KVM emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS crash or potentially gain privileges on the guest OS...
UBUNTU-CVE-2015-0824
The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0 allows remote attackers to cause a denial of service out-of-bounds write of zero values, and application crash via vectors that trigger use of DrawTarget and the Cairo library for image drawing...
PHP 5.5.12 - Locale::parseLocale Memory Corruption
Full Package: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/35358.tgz Description: ------------ PHP 5.5.12 suffers from a memory corruption vulnerability that could potentially be exploited to achieve remote code execution. The vulnerability exists due to...
[SECURITY] [DLA 83-1] ffmpeg update
Package : ffmpeg Version : 4:0.5.10-1+deb6u1 This update to ffmpeg disables support for over 100 codecs, decoders, and formats that are rarely used nowadays, for which the support available in squeeze is most likely insufficient, etc. This update is only meant to reduce the attack surface. ffmpeg...