5139 matches found
Table Rebuilding Code Execution Vulnerability — Mozilla
An anonymous researcher for TippingPoint and the Zero Day Initiative reports that an invalid and nonsensical ordering of table-related tags causes Mozilla to use a negative array index. This invalid memory use can be exploited to run code of the attacker's choice...
[Full-disclosure] ZDI-06-009: Mozilla Firefox Tag Parsing Code Execution Vulnerability
ZDI-06-009: Mozilla Firefox Tag Parsing Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-009.html April 14, 2006 -- CVE ID: CVE-2006-0749 -- Affected Vendor: Mozilla -- Affected Products: Firefox 1.0 through 1.0.7 Thunderbird 1.5 through 1.5.0.1 Thunderbird 1.0...
[Full-disclosure] ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability
ZDI-06-010: Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-010.html April 13, 2006 -- CVE ID: CVE-2006-1730 -- Affected Vendor: Mozilla -- Affected Products: Mozilla 1.7.x and below Firefox 1.5.x and below -- TippingPointTM IPS...
[Full-disclosure] ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow
ZDI-06-008: Novell GroupWise Messenger Accept-Language Buffer Overflow http://www.zerodayinitiative.com/advisories/ZDI-06-008.html April 13, 2006 -- CVE ID: CVE-2006-0092 -- Affected Vendor: Novell -- Affected Products: Novell GroupWise Messenger 2 -- TippingPointTM IPS Customer Protection:...
Mozilla Firefox Tag Order Vulnerability — Mozilla
A particular sequence of HTML tags that reliably crash Mozilla clients was reported by an anonymous researcher via TippingPoint and the Zero Day Initiative. The crash is due to memory corruption that can be exploited to run arbitrary code...
ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow
ZDI-06-005: Symantec VERITAS NetBackup Volume Manager Buffer Overflow http://www.zerodayinitiative.com/advisories/ZDI-06-005.html March 27, 2006 -- CVE ID: CVE-2006-0989 -- Affected Vendor: Symantec VERITAS -- Affected Products: VERITAS NetBackup v6.0 -- TippingPointTM IPS Customer Protection:...
ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow
ZDI-06-006: Symantec VERITAS NetBackup Database Manager Buffer Overflow http://www.zerodayinitiative.com/advisories/ZDI-06-006.html March 27, 2006 -- CVE ID: CVE-2006-0990 -- Affected Vendor: Symantec VERITAS -- Affected Products: VERITAS NetBackup v6.0 -- TippingPointTM IPS Customer Protection:...
[Full-disclosure] EEYE: Temporary workaround for IE createTextRange vulnerability
eEye Digital Security has created a temporary work around for the current Internet Explorer zero day vulnerability within the IE createTextRange functionality. This workaround has been created because currently there is no solution from Microsoft other than the workaround to disable Active...
[Full-disclosure] ZDI-06-003: Ipswitch Collaboration Suite Code Execution Vulnerability
ZDI-06-003: Ipswitch Collaboration Suite Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-003.html March 13, 2006 -- CVE ID: CVE-2005-3526 -- Affected Vendor: Ipswitch -- Affected Products: Ipswitch Collaboration Suite 2006.02 and below -- TippingPointTM IPS Custome...
[SA19168] Ipswitch IMail Server/Collaboration Suite IMAP FETCH Vulnerability
TITLE: Ipswitch IMail Server/Collaboration Suite IMAP FETCH Vulnerability SECUNIA ADVISORY ID: SA19168 VERIFY ADVISORY: http://secunia.com/advisories/19168/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: IMail Secure Server 2006 http://secunia.com/product/8651/ IMail Server 2006...
Adobe Macromedia Shockwave Player ActiveX installer buffer overflow vulnerability
Overview The ActiveX installer for Adobe Macromedia Shockwave contains a buffer overflow, which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Shockwave Player Adobe Macromedia Shockwave Player is software that plays active web content...
ZDI-06-002: Adobe Macromedia ShockWave Code Execution
ZDI-06-002: Adobe Macromedia ShockWave Code Execution http://www.zerodayinitiative.com/advisories/ZDI-06-002.html February 23, 2006 -- CVE ID: CVE-2005-3525 -- Affected Vendor: Adobe Macromedia -- Affected Products: Macromedia Shockwave Installer -- TippingPointTM IPS Customer Protection:...
Winamp <= 5.12 (Crafted PLS) Remote Buffer Overflow Exploit (0-Day)
No description provided by source. / Winamp 5.12 Remote Buffer Overflow Universal Exploit Zero-Day Bug discovered & exploit coded by ATmaCA Web: http://www.spyinstructors.com && http://www.atmacasoft.com E-Mail: [email protected] Credit to Kozan / / Tested with : Winamp 5.12 on Win XP Pro Sp2 / ...
GLSA-200601-07 : ClamAV: Remote execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200601-07 ClamAV: Remote execution of arbitrary code Zero Day Initiative ZDI reported a heap buffer overflow vulnerability. The vulnerability is due to an incorrect boundary check of the user-supplied data prior to copying it to a...
[SA18379] ClamAV Unspecified UPX File Handling Vulnerability
TITLE: ClamAV Unspecified UPX File Handling Vulnerability SECUNIA ADVISORY ID: SA18379 VERIFY ADVISORY: http://secunia.com/advisories/18379/ CRITICAL: Moderately critical IMPACT: Unknown WHERE: From remote SOFTWARE: Clam AntiVirus clamav 0.x http://secunia.com/product/2538/ DESCRIPTION: A...
[Full-disclosure] ZDI-05-002: Clam Antivirus Remote Code Execution
ZDI-05-002: Clam Antivirus Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-05-002.html November 4th, 2005 -- CVE ID: CAN-2005-3303 -- Affected Vendor: Clam AntiVirus -- Affected Products: Clam AntiVirus 0.80 through 0.87 -- TippingPointTM IPS Customer Protectio...
Winamp <= 5.04 Skin File (.wsz) Remote Code Execution Exploit
No description provided by source. This 0day exploit is known to be circulating in the wild There is no patch for this vulnerability - Do not use Winamp ! http://www.milw0rm.com/sploits/skinhead.rar 171 Ko index.html ----------- html head /head frameset rows=",1" framespacing="0" border="0"...
Local root vulnerability in most used Linux kernels
There is a zeroday exploit for kernel in hands of scriptkiddies. After they rooted locally 2 system which I've intrest and did dd if=/dev/zero of=/dev/hda1 & on both, I spended 7 hours to finding fragments we really need easies tools LDE with GUI block search capabilities This with help of Peter ...
OOBE ZDP
This category would be used by the updates that would meet the ZDP bar...