Security Vulnerabilities fixed in Firefox 85.0.1 and Firefox ESR 78.7.1 — Mozilla

In the Angle graphics library, depth pitch computations did not take into account the block size and simply multiplied the row pitch with the pixel height. This caused the load functions to use a very high depth pitch, reading past the end of the user-supplied buffer.Note: This issue only affecte...

Privilege escalation

A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac Consumer 7.0 2017 and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation function on 0x6F4E offse...

CVE-2018-18329

A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac Consumer 7.0 2017 and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation function on 0x6F4E offse...

Affix Bluetooth Protocol Stack 3.1/3.2 Signed Buffer Index Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/13347/info A local signed buffer index vulnerability affects Affix Bluetooth Protocol Stack. This issue is due to a failure of the affected utility to properly handle user-supplied buffer size parameters. This issue may b...

MPlayer sdpplin_parse() Array Indexing Buffer Overflow Exploit PoC

No description provided by source. !/usr/bin/perl Huston, mplayer got some vulns! : CVE-2008-0073 also apply to mplayer and vlc with some distinctions. Assuming kernel.varandomize=0 this overwrite EIP with a "stream" structure on my box...