184 items tagged "overflow vulnerability"
-
-
16:23
»
Packet Storm Security Exploits
FlexNet License Server Manager versions 11.9.1 and below suffer from a stack overflow vulnerability in lmgrd. Proof of concept included.
-
-
19:37
»
Packet Storm Security Exploits
Novell GroupWise Messenger Client versions 2.1.0 and below suffer from a unicode stack overflow vulnerability. Proof of concept code included.
-
-
16:45
»
Packet Storm Security Exploits
This Metasploit module exploits a heap overflow vulnerability in the Windows Multimedia Library (winmm.dll). The vulnerability occurs when parsing specially crafted MIDI files. Remote code execution can be achieved by using Windows Media Player's ActiveX control. Exploitation is done by supplying a specially crafted MIDI file with specific events, causing the offset calculation to be higher than how much is available on the heap (0x400 allocated by WINMM!winmmAlloc), and then allowing us to either "inc al" or "dec al" a byte. This can be used to corrupt an array (CImplAry) we set up, and force the browser to confuse types from tagVARIANT objects, which leverages remote code execution under the context of the user. At this time, for IE 8 target, JRE (Java Runtime Environment) is required to bypass DEP (Data Execution Prevention). Note: Based on our testing, the vulnerability does not seem to trigger when the victim machine is operated via rdesktop.
-
-
19:07
»
SecuriTeam
A memory corruption vulnerability can be triggered when a Lotus Notes client parses a .XLS file with a specially crafted BIFF record.
-
-
16:23
»
Packet Storm Security Exploits
Ashampoo Burning Studio Elements version 10.0.9 suffers from a heap overflow vulnerability. It fails to properly sanitize user-supplied input when parsing .ashprj project file formats, resulting in a crash corrupting the heap-based memory. The attacker can use this scenario to lure unsuspecting users to open maliciously crafted .ashprj files with a potential for arbitrary code execution on the affected system.
-
-
15:34
»
Packet Storm Security Advisories
iDefense Security Advisory 09.26.11 - Remote exploitation of a heap overflow vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs on weekdays. A heap based buffer overflow can be triggered due to the lack of checks to ensure that there is enough space in the buffer to hold all of the RRULE entry data. Novell GroupWise 8.0x up to (and including) 8.02HP2 are vulnerable.
-
6:25
»
Packet Storm Security Advisories
iDefense Security Advisory 09.26.11 - Remote exploitation of a heap overflow vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed time zone description field (TZNAME). A heap based buffer overflow can be triggered by supplying an excessively long string when copying the time zone name. Novell GroupWise 8.0x up to (and including) 8.02HP2 are vulnerable.
-
-
18:44
»
SecuriTeam
Microsoft Windows contains a vulnerability caused by a stack overflow error in the OpenType Compact Font Format (CFF) driver "ATMFD.dll".
-
-
18:54
»
Packet Storm Security Advisories
iDefense Security Advisory 06.14.11 - Remote exploitation of a heap overflow vulnerability in Adobe Systems Inc.'s Shockwave could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when Shockwave processes a maliciously constructed "DRCF" chunk. Specifically, when parsing a substructure inside of this chunk, it is possible to trigger a code path that leads to an incorrect string copy operation. The vulnerable code performs a certain operation on a heap-based buffer, which has the effect of overwriting the NULL terminator of the string in the middle of the copy operation. This will lead to an endless copy loop until the read operation hits the end of the memory segment. This operation writes beyond the allocated heap buffer, and can lead to the execution of arbitrary code. Shockwave Player version 11.5.9.620 and prior are vulnerable.
-
-
10:58
»
Packet Storm Security Exploits
The PHP phar extension suffers from a heap overflow vulnerability. PHP version 5.3.6 is affected with phar extension version 1.1.1.
-
-
15:49
»
Packet Storm Security Exploits
Microsoft HTML Help versions 6.1 and below suffer from a stack overflow vulnerability in itss.dll. Proof of concept code is included.
-
-
17:06
»
Packet Storm Security Exploits
Microsoft Reader versions 2.1.1.3143 and below and versions 2.6.1.7169 and below suffer from a heap overflow vulnerability caused by the allocation of a certain amount of memory and the copying of arbitrary data during the decompression of the sections. Proof of concept code included.
-
-
16:40
»
SecuriTeam
RealPlayer contains a vulnerability caused by a heap overflow error when handling malformed RA5 files.
-
-
19:48
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201101-1 - gif2png contains a stack overflow vulnerability when parsing command line arguments. gif2png contains a command line parsing vulnerability that may result in a stack overflow due to an unexpectedly long input filename. Versions less than 2.5.1-r1 are affected.
-
10:37
»
SecuriTeam
Microsoft Office Word contains a critical vulnerability.
-
7:22
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling malformed RA5 files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
-
12:03
»
SecuriTeam
Microsoft Office Word contains an Overflow Vulnerability in LVL Structure Heap.
-
-
11:09
»
SecuriTeam
Microsoft Office Word Document contains a Heap Overflow Vulnerability.
-
-
17:33
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM Lotus Domino.
-
-
21:01
»
Packet Storm Security Exploits
Month Of Abysssec Undisclosed Bugs - The Novell iPrint client browser plug-in suffers from a parameter stack overflow vulnerability.
-
-
16:55
»
SecuriTeam
A Heap Overflow vulnerability was discovered in VMware products.
-
-
18:00
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 10-150 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must open a malicious document. The specific flaw exists in the parsing of sprmCMajority records in a Word document. Due to the lack of parameter checking when processing sprmCMajority sprm groups it is possible to arbitrarily control the amount of data being written to a stack based buffer resulting in a stack overflow vulnerability which can overwrite critical exception structures. Successful exploitation can lead to remote code execution under the credentials of the currently logged in user.
-
-
10:01
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2090-1 - A stack overflow vulnerability was found in socat that allows an attacker to execute arbitrary code with the privileges of the socat process.
-
-
2:58
»
SecuriTeam
A critical vulnerability was discovered affecting Microsoft Office Excel.
-
-
17:57
»
SecuriTeam
A Remote Code Execution vulnerability was discovered in Novell Netware FTP.
-
-
12:42
»
SecuriTeam
A Heap Overflow vulnerability was discovered in Apple Quicktime.
-
-
16:42
»
SecuriTeam
A Heap Overflow vulnerability was discovered in Apple Quicktime.
-
5:20
»
SecuriTeam
Remote exploitation of a heap overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user.
-
-
8:00
»
Packet Storm Security Recent Files
iDefense Security Advisory 03.09.10 - Remote exploitation of a heap overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an MDXSET record inside of the Excel Workbook globals stream. This record is used to store metadata for external data connections in the workbook. The vulnerability occurs when an MDXSET record is broken up into several records. This could allow an attacker to trigger a heap based buffer overflow by controlling both the allocation size of a heap buffer and the number of bytes copied into this buffer. iDefense has confirmed the existence of this vulnerability in Excel versions 2007 SP0, SP1, and SP2. Previous versions do not appear to be affected as they do not support parsing the record that triggers the vulnerability. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.
-
8:00
»
Packet Storm Security Recent Files
iDefense Security Advisory 03.09.10 - Remote exploitation of a heap overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an MDXTUPLE record inside of the Excel Workbook globals stream. This record is used to store metadata for external data connections in the workbook. The vulnerability occurs when an MDXTUPLE record is broken up into several records. This could allow an attacker to trigger a heap based buffer overflow by controlling both the allocation size of a heap buffer and the number of bytes copied into this buffer. iDefense has confirmed the existence of this vulnerability in Excel versions 2007 SP0, SP1, and SP2. Previous versions do not appear to be affected as they do not support parsing the record that triggers the vulnerability. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.
-
-
23:00
»
Packet Storm Security Recent Files
Hellcode Research has discovered a heap overflow vulnerability in AOL 9.5. Opening a malformed vCard file (.vcf) with AOL 9.5 causes a crash on waol.exe. Successful exploitation may allow execution of arbitrary code.