26 matches found
Microsoft Edge Chakra JIT - Type Confusion
/ The switch statement only handles Js::TypeIdsArray but not Js::TypeIdsNativeIntArray and Js::TypeIdsNativeFloatArray. So for example, a native float array can be considered as of type ObjectType::Object under certain circumstances where "objValueType.IsLikelyArrayOrObjectWithArray" is not...
Memory corruption
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service crash and possibly trigger memory corruption via 1 a large switch statement, 2 certain uses of watch and eval, 3 certain uses of t...
CVE-2008-0413
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service crash and possibly trigger memory corruption via 1 a large switch statement, 2 certain uses of watch and eval, 3 certain uses of t...
Mozilla javascript engine crashes
The JavaScript engine in Mozilla Firefox before 2.0.0.12, Thunderbird before 2.0.0.12, and SeaMonkey before 1.1.8 allows remote attackers to cause a denial of service crash and possibly trigger memory corruption via 1 a large switch statement, 2 certain uses of watch and eval, 3 certain uses of t...
CA BrightStor ARCserve (msgeng.exe) Remote Heap Overflow Exploit 2
No description provided by source. !/usr/bin/perl original exploit by lssec.com this is a perl porting acaro at jervus.it use IO::Socket::INET; use Switch; if @ARGV 3 print "--------------------------------------------------------------------\n"; print "Usage : BrightStoreARCServer-11-5-4targets....
CVE-2006-3544
Multiple SQL injection vulnerabilities in Invision Power Board IPB 1.3 Final allow remote attackers to execute arbitrary SQL commands via the CODE parameter in a 1 Stats, 2 Mail, and 3 Reg action in index.php. NOTE: the developer has disputed this issue, stating that "At no point does the CODE...