Google Chrome Multiple Vulnerabilities - 01 (Sep 2014) - Windows

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

Photorange v1.0 iOS - File Include Web Vulnerability

Document Title: =============== Photorange v1.0 iOS - File Include Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1318 Release Date: ============= 2014-09-06 Vulnerability Laboratory ID VL-ID: ==================================== 1318...

Stable Channel Update for Chrome OS

The Stable channel has been updated to 37.0.2062.119 Platform version: 5978.80.0/5978.81.0 for all Chrome OS devices except Acer C7 Chromebook, Samsung Chromebook Series 5 and HP Pavilion Chromebook . This build contains a number of bug fixes, security updates and feature enhancements. Systems wi...

CVE-2014-3176

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177...

CVE-2014-3176

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177...

Code injection

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177...

CVE-2014-3177

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176...

CVE-2014-3176

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177...

CVE-2014-3176

Removed by vendor...

Google Chrome < 37.0.2062.94 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 37.0.2062.94. It is, therefore, affected by the following vulnerabilities : - Blink contains a use-after-free vulnerability in its SVG implementation. By using a specially crafted web page, a remote attacker...

Stable Channel Update

The Chrome team is delighted to announce the promotion of Chrome 37 to the stable channel for Windows, Mac and Linux. Chrome 37.0.2062.94 contains a number of fixes and improvements, including: - DirectWrite support on Windows for improved font rendering - A number of new apps/extension APIs -...

Easy FTP Pro 4.2 iOS - Command Injection Vulnerabilities

No description provided by source. Document Title: =============== Easy FTP Pro v4.2 iOS - Command Inject Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1291 Release Date: ============= 2014-08-06 Vulnerability Laboratory ID VL-ID:...

Cisco Unified Presence Server Sync Agent Vulnerability

A vulnerability in the Intercluster Sync Agent Service on Cisco Unified Presence Server could allow an unauthenticated, remote attacker to trigger a denial of service DoS condition. The vulnerability is due to a SYN flood. An attacker could exploit this vulnerability by exceeding the tcp max...

CVE-2014-3328

CVE-2014-3328 affects Cisco Unified Presence Server’s Intercluster Sync Agent Service. A remote attacker can trigger a denial-of-service by sending大量 TCP SYN traffic, exploiting a SYN flood condition (Bug CSCun34125). Cisco’s advisory notes that software updates are not available to fix this vuln...

Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability

Exploit for linux platform in category web applications =begin Raritan PowerIQ suffers from an unauthenticated SQL injection vulnerability within an endpoint used during initial configuration of the licensing for the product. This endpoint is still available after the appliance has been fully...

Atrus Trivalie Productions Simple Network Time Sync 1.0 daemon Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/1289/info A scanf overflow has been discovered in the Simple Network Time Sync daemon and client version 1.0. Currently the buffer overflow has been tested on RedHat 6.1. It may be possible to obtain root, although it...

Linux Kernel <= 2.6.9 / <= 2.4.28 - vc_resize int Local Overflow Exploit

No description provided by source. / vcresize int overflow Copyright Georgi Guninski Cannot be used in vulnerability databases / include stdio.h include stdlib.h include sys/types.h include sys/stat.h include fcntl.h include linux/vt.h include sys/vt.h include sys/ioctl.h include string.h include...

Solaris/x86 - Sync() & reboot() & exit(0) - 48 bytes

No description provided by source. / Title: Solaris/x86 - Sync & reboot & exit0 - 48 bytes Author: Jonathan Salwan submit AT shell-storm.org Web: http://www.shell-storm.org Twitter: http://twitter.com/jonathansalwan ! Database of shellcodes: http://www.shell-storm.org/shellcode/ Date: 2010-06-07...

os-x/ppc sync(), reboot() 32 bytes

No description provided by source. / MacOSX/PowerPC Shellcode for: sync, reboot 32 bytes hophet at gmail.com http://www.nlabs.com.br/hophet/ / include stdio.h include string.h char shellcode = \x7c\x63\x1a\x79 \x39\x40\x01\x06 \x38\x0a\xff\x1e \x44\xff\xff\x02 \x60\x60\x60\x60 \x39\x40\x01\x19...

Google AD Sync Tool - Exposure of Sensitive Information Vulnerability

No description provided by source. Sense of Security - Security Advisory - SOS-13-001 Release Date. 03-Apr-2013 Last Update. - Vendor Notification Date. 03-Sep-2012 Product. Google Active Directory Sync GADS Tool Platform. Windows, Linux, Solaris Affected versions. All versions up to 3.1.3 Severi...