nodejs: Out of bounds (OOB) write via UCS-2 encoding

In all versions of Node.js prior to 6.14.4, 8.11.4 and 10.9.0 when used with UCS-2 encoding recognized by Node.js under the names 'ucs2', 'ucs-2', 'utf16le' and 'utf-16le', Bufferwrite can be abused to write outside of the bounds of a single Buffer. Writes that start from the second-to-last...

Hand to hand teach you how to construct the office exploits EXP（fourth period）-bug warning-the black bar safety net

This is a period of vulnerability to share with you is CVE-2015-1641 learning summary, this vulnerability due to its good versatility and stability claims to have replaced the CVE-2012-0158 trend. The vulnerability is a type confusion class of vulnerability, through which you can achieve arbitrar...

CVE-2016-3861

LibUtils in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 mishandles conversions between Unicode character encodings with different encoding widths, which allows remote attackers to execute arbitrary code or cause a denial of...

The vulnerability of the Flash Player software allows a malicious attacker to execute arbitrary code or cause a service failure.

The Flash Player software contains a vulnerability in the “PCRE” component, which stems from insufficient data validation when processing the “\c” control sequence followed by a character in UTF-8 encoding. This vulnerability can be exploited by malicious actors using a specially crafted swf file...

UBUNTU-CVE-2014-1559

Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service X.509 certificate parsing outage via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558...

CVE-2014-1346

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL...

Design/Logic Flaw

WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret Unicode encoding, which allows remote attackers to spoof a postMessage origin, and bypass intended restrictions on sending a message to a connected frame or window, via crafted characters in a URL...

CVE-2014-1346

CVE-2014-1346 affects WebKit as used in Apple Safari before 6.1.4 and 7.x before 7.0.4. The issue is an encoding/unicode handling flaw in URLs that allows remote attackers to spoof a postMessage origin and bypass restrictions when sending a message to a connected frame/window. Impact is spoofing ...

Advanced File Binder: Rakabulle

Advanced File Binder from DarkComet RAT Developer Rakabulle in one word is a file binder from DarkComet RAT Developer with few novel features which could transform a simple binder program to something very complex. What is a file binder? In few words a file binder is a tiny tool which allows...

Improper Handling of Alternate Encoding

Overview Affected versions of this package are vulnerable to Improper Handling of Alternate Encoding via boost::locale::utf::utftraits in the /boost/locale/utf.hpp, which does not properly detect certain invalid UTF-8 sequences. A remote attacker can bypass input validation protection mechanisms...

FreeBSD : libpurple -- Remote DoS via an MSN OIM message that lacks UTF-8 encoding (7289214f-7c55-11e1-ab3b-000bcdf0a03b)

US-CERT reports : The msnoimreporttouser function in oim.c in the MSN protocol plugin in libpurple in Pidgin before 2.10.2 allows remote servers to cause a denial of service application crash via an OIM message that lacks UTF-8 encoding. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

PHP 6.0 Dev - 'str_transliterate()' Local Buffer Overflow

Exploited by TheLeader, Debug SP. Thanks: HDM http://www.nullbyte.org.il This code should exploits a buffer overflow in the strtransliterate function to call WinExec and execute CALC Take a look, 'unicode.semantics' has to be on! php.ini unicode.semantics = on ifinigetbool'unicode.semantics' $buf...

kernel: utf8 selection memory corruption

The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service memory corruption by selecting a small number of 3-byte UTF-8 characters, which...

tomcat Unicode directory traversal vulnerability

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than...

tomcat Unicode directory traversal vulnerability

Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking and UTF-8 are enabled, allows remote attackers to read arbitrary files via encoded directory traversal sequences in the URI, a different vulnerability than...

WinRAR 7z-compressed packet processing overflow analysis and use-vulnerability and early warning-the black bar safety net

This article has been published in the hacker line of Defense of the 2 0 0 7 year 4 monthly. The author and the hacker line of Defense on the retention of copyright, reproduced, please indicate the original source. For the reader: overflow of lovers Pre-knowledge: Assembly language, buffer overfl...

WinRAR 7z-compressed packet processing overflow analysis and use-vulnerability and early warning-the black bar safety net

This article has been published in the hacker line of Defense of the 2 0 0 7 year 4 monthly. The author and the hacker line of Defense on the retention of copyright, reproduced, please indicate the original source. For the reader: overflow of lovers Pre-knowledge: Assembly language, buffer overfl...

QQ Traveler vulnerability analysis and exploit(0day)-vulnerability warning-the black bar safety net

failwest shineast Vulnerability overview Tencent TTQQ Traveleris a multi-page browser has a friendly user interface, offers a variety of skin for the user based on personal preferences, in addition TT is a new more user-friendly features that make surfing the Internet more easily and freely, savi...

Directory traversal

F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via 1 a trailing null byte, 2 multiple leading slashes, 3 Unicode encoding, 4 URL-encoded directory traversal or same-directory characters, or 5 upper case letters in the domain name...

CVE-2007-0187

F5 FirePass 5.4 through 5.5.2 and 6.0 allows remote attackers to access restricted URLs via 1 a trailing null byte, 2 multiple leading slashes, 3 Unicode encoding, 4 URL-encoded directory traversal or same-directory characters, or 5 upper case letters in the domain name...