Microsoft WININET.dll - CHttp­Header­Parser::Parse­Status­Line Out-of-Bounds Read (MS16-104MS16-105)

Microsoft WININET.dll - CHttp­Header­Parser::Parse­Status­Line Out-of-Bounds Read MS16-104MS16-105 !-- Source: http://blog.skylined.nl/20161110001.html Synopsis A specially crafted HTTP response can cause the CHttp­Header­Parser::Parse­Status­Line method in WININET to read data beyond the end of ...

CVE-2016-9105

Memory leak in the v9fslink function in hw/9pfs/9p.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service memory consumption via vectors involving a reference to the source fid object...

CVE-2016-5253

Mozilla Firefox updater on Windows (pre-48.0) is affected. The Updater can be abused via the callback application-path parameter and a hard link to write arbitrary files (local privilege escalation). A fix is to upgrade to Firefox 48.0 or later; apply vendor advisories for the exact patched versi...

(Pwn2Own) Apple OS X IntelAccelerator Out-Of-Bounds Indexing Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

CVE-2016-2103

Multiple cross-site scripting XSS vulnerabilities in Red Hat Satellite 5 allow remote attackers to inject arbitrary web script or HTML via 1 the list1680466951oldfilterval parameter to systems/PhysicalList.do or 2 unspecified vectors involving systems/VirtualSystemsList.do...

Comodo AntiVirus - Heap Overflow in LZX Decompression

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=737 LzxDecoder::init initializes the vector LzxDecoder-window to a fixed size of 2^method bytes, which is then used during LzxDecoder::Extract. It's possible for LZX compressed streams to exceed this size. Writes to the window buff...

CVE-2016-0535

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect availability via vectors related to RPC...

openSUSE: Security Advisory for java-1_7_0-openjdk (openSUSE-SU-2015:1906-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Three bypasses and a fix for one of Flash's Vector.<*> mitigations

Posted by Chris Evans, Cookie Monster With the release of Flash 18.0.0.209, two mitigations were introduced to combat abuse of Vector corruptions -- we covered these in a previous blog post. Flash 18.0.0.232 has just been released and it includes a change to the way one of the mitigations is...

Hacking Team Flash New 0Day exploit code analysis-vulnerability warning-the black bar safety net

The weekend early in the morning, you see the know Chong Yu on the microblogging said, the Hacking Team and leaked to the new Flash 0Day in the current measured. Thus the author download a copy of the exploit code, tested indeed in the latest version available, currently the official Adobe did no...

Google Blacklists Sites Peddling SoakSoak Malware

UPDATE Google blacklisted more than 10,000 different websites over the weekend that it spotted doling out SoakSoak malware, but experts claim the number of impacted sites may ultimately be ten times that figure. Up to 100,000 sites hosted on WordPress may be vulnerable to a campaign known as...

DNS Reverse Lookup Shellshock Exploit

DNS reverse lookups can be used as a vector of attack for the bash shellshock vulnerability. DNS Reverse Lookup as a vector for the Bash vulnerability CVE-2014-6271 et.al. CVE-2014-3671 references: CVE-2014-6271, CVE-2014-7169, CVE-2014-6277, CVE-2014-6278 CVE-2014-7186 and, CVE-2014-7187 Summary...

CVE-2014-5242

Cross-site scripting XSS vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value...

GSPlayer 1.83a Win32 Release Buffer Overflow Vulnerability

No description provided by source. Exploit Title: GSPlayer 1.83a Win32 Release Buffer Overflow Vulnerability Date: 2010/11/04 Author: moigai e-mail: [email protected] Software Link: http://www.vector.co.jp/download/file/win95/art/fh296344.html Version: 1.83a Win32 Release Tested on: Windows XP...

Drupal <= 5.2 PHP Zend Hash Vulnerability Exploitation Vector

No description provided by source. Drupal = 5.2 PHP Zend Hash Vulnerability Exploitation Vector Example: http://www.example.com/drupal/?menucallbacks1callback=drupaleval&menuitemstype=-1&-312030023=1&q=1/?phpinfo; milw0rm.com 2007-10-10...

Fedora Update for gnupg FEDORA-2014-7676

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for cups-filters FEDORA-2014-3738

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for kernel FEDORA-2014-2576

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-4160

Little CMS lcms2 before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service NULL pointer dereference and crash via vectors related to 1 cmsStageAllocLabV2ToV4curves, 2 cmsPipelineDup, 3 cmsAllocProfileSequenceDescription, 4 CurvesAlloc, and ...

Debian Security Advisory DSA 2583-1 (iceweasel - several vulnerabilities)

Multiple vulnerabilities have been found in Iceweasel, the Debian web browser based on Mozilla Firefox: CVE-2012-5829Heap-based buffer overflow in the nsWindow::OnExposeEvent function could allow remote attackers to execute arbitrary code. CVE-2012-5842Multiple unspecified vulnerabilities in the...