«
Expand/Collapse
249 items tagged "vulnerability research"
Related tags:
novell groupwise [+],
groupwise [+],
buffer overflow vulnerability [+],
bmp images [+],
webkit [+],
heap [+],
google [+],
chrome [+],
stack overflow error [+],
office publisher [+],
heap corruption [+],
handling [+],
groupwise calendar [+],
attackers [+],
research security [+],
overflow errors [+],
overflow [+],
nsense [+],
flash [+],
microsoft [+],
txt [+],
shockwave [+],
network node manager [+],
use after free [+],
time behaviour [+],
text [+],
t interactive [+],
sun java jdk [+],
ssl [+],
sound [+],
service vulnerability [+],
server side applications [+],
server [+],
security [+],
scrollbar [+],
scada [+],
remote buffer overflow [+],
realmedia [+],
real time data [+],
reader [+],
procyon [+],
player [+],
pdf file format [+],
overflow vulnerability [+],
oracle java [+],
opentype [+],
novell ldap [+],
nodes [+],
netware system [+],
microsoft windows media [+],
meta tag [+],
meta [+],
memory [+],
media [+],
lua script [+],
load path [+],
ldap ssl [+],
lan [+],
invalid pointer [+],
iframe [+],
hmi software [+],
graphical [+],
fms [+],
flash activex control [+],
file [+],
driver stack [+],
director file [+],
digital video recording [+],
denial of service [+],
denial [+],
daemon [+],
d remote [+],
core [+],
certificate [+],
caldav server [+],
caldav [+],
block [+],
automation component [+],
authentication header [+],
audio [+],
arbitrary code [+],
apple quicktime [+],
animation behaviors [+],
advisory [+],
acrobat reader image [+],
aac [+],
overflow error [+],
adobe [+],
vupen [+],
web [+],
vmware products [+],
validation errors [+],
tiff bitspersample [+],
tiff [+],
teamspeak [+],
system versions [+],
scroll [+],
ruby [+],
pict [+],
network [+],
integer overflow [+],
focus events [+],
dll module [+],
debian [+],
daqfactory [+],
d director [+],
command line arguments [+],
cisco unified communications manager [+],
bytecode [+],
buffer overflow [+],
azeotech [+],
avi [+],
adobe flash player [+],
memory corruption [+],
windows [+],
web page versions [+],
adobe acrobat reader [+],
vulnerability [+],
acrobat [+],
webmail client [+],
vulnerability assessment [+],
validation error [+],
usa [+],
testing [+],
site [+],
secunia [+],
richard johnson tags [+],
research toolkit [+],
read [+],
process [+],
pict images [+],
penetration [+],
office excel [+],
name [+],
movie file [+],
movie [+],
math server [+],
malicious users [+],
jpeg data [+],
jdkjreunpack [+],
invalid index [+],
input validation [+],
inguma [+],
hacking [+],
graphics interchange format [+],
foregone conclusion [+],
exec [+],
database [+],
darknet [+],
bug [+],
apple itunes [+],
adobeiml [+],
acrobat versions [+],
apple safari [+],
oracle [+],
java [+],
realplayer [+],
internet [+],
critical vulnerability [+],
free error [+],
excel [+],
publisher [+],
novell [+],
code execution [+],
pdf [+],
adobe shockwave player [+]
-
-
6:19
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an invalid object being used when parsing a malformed video via "NetStream.appendBytes", which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP enabled.
-
-
15:50
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the "vgx.dll" component when processing certain VML behaviors, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
-
15:50
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the "vgx.dll" component when processing certain VML behaviors, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
-
15:50
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the "vgx.dll" component when processing certain VML behaviors, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
-
-
17:36
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.
-
17:36
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.
-
17:36
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.
-
-
19:02
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.
-
19:02
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.
-
19:02
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.
-
-
19:20
»
Packet Storm Security Advisories
Secunia Security Advisory - Vulnerability Research Laboratory has reported a vulnerability in @Mail Webmail Client, which can be exploited by malicious users to conduct script insertion attacks.
-
-
14:22
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the "mshtml.dll" module when handling a specific Time behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
14:22
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the "mshtml.dll" module when handling a specific Time behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
14:22
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the "mshtml.dll" module when handling a specific Time behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
14:21
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the TIME (datime.dll) module when loaded via a specific behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
14:21
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the TIME (datime.dll) module when loaded via a specific behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
14:21
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the TIME (datime.dll) module when loaded via a specific behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
14:20
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows Media Player. The vulnerability is caused by a buffer overflow error in the XDSCodec & Encypter/Decrypter Tagger Filters "ENCDEC.DLL" within Windows Media Player when processing certain fields within a DVR-MS (Digital Video Recording) file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page or a malicious ".dvr-ms" media file.
-
14:20
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows Media Player. The vulnerability is caused by a buffer overflow error in the XDSCodec & Encypter/Decrypter Tagger Filters "ENCDEC.DLL" within Windows Media Player when processing certain fields within a DVR-MS (Digital Video Recording) file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page or a malicious ".dvr-ms" media file.
-
14:20
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows Media Player. The vulnerability is caused by a buffer overflow error in the XDSCodec & Encypter/Decrypter Tagger Filters "ENCDEC.DLL" within Windows Media Player when processing certain fields within a DVR-MS (Digital Video Recording) file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page or a malicious ".dvr-ms" media file.
-
14:19
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Adobe Flash Player. The vulnerability is caused by an uninitialized stack variable when processing an invalid "SAlign" property of the Flash ActiveX control, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Versions prior to 11.1.102.55 are affected.
-
14:19
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a vulnerability in Adobe Flash Player. The vulnerability is caused by an uninitialized stack variable when processing an invalid "SAlign" property of the Flash ActiveX control, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Versions prior to 11.1.102.55 are affected.
-
14:19
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a vulnerability in Adobe Flash Player. The vulnerability is caused by an uninitialized stack variable when processing an invalid "SAlign" property of the Flash ActiveX control, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Versions prior to 11.1.102.55 are affected.
-
-
15:32
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing the "X-UA-COMPATIBLE" keyword of a "META" tag, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
15:32
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing the "X-UA-COMPATIBLE" keyword of a "META" tag, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
15:32
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing the "X-UA-COMPATIBLE" keyword of a "META" tag, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
-
16:11
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2324-1 - The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code.
-
16:11
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2324-1 - The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code.
-
16:11
»
Packet Storm Security Misc. Files
Debian Linux Security Advisory 2324-1 - The Microsoft Vulnerability Research group discovered that insecure load path handling could lead to execution of arbitrary Lua script code.
-
-
20:07
»
Packet Storm Security Advisories
nSense Vulnerability Research Security Advisory - The calendar synchronization feature of iOS fails to validate the SSL certificate provided by the server. Therefore, CalDAV communication can be intercepted by a basic man in the middle attack. As every request contains a HTTP basic authentication header, which contains base64-encoded credentials, it is possible to intercept email account credentials by an attacker that is suitably positioned (e.g. the same LAN, WLAN) or is able to tamper with DNS records pointing to the CalDAV server. The application accepts the untrusted certificate without any warning or prompt, so the attack will go unnoticed by the user.
-
20:07
»
Packet Storm Security Recent Files
nSense Vulnerability Research Security Advisory - The calendar synchronization feature of iOS fails to validate the SSL certificate provided by the server. Therefore, CalDAV communication can be intercepted by a basic man in the middle attack. As every request contains a HTTP basic authentication header, which contains base64-encoded credentials, it is possible to intercept email account credentials by an attacker that is suitably positioned (e.g. the same LAN, WLAN) or is able to tamper with DNS records pointing to the CalDAV server. The application accepts the untrusted certificate without any warning or prompt, so the attack will go unnoticed by the user.
-
20:07
»
Packet Storm Security Misc. Files
nSense Vulnerability Research Security Advisory - The calendar synchronization feature of iOS fails to validate the SSL certificate provided by the server. Therefore, CalDAV communication can be intercepted by a basic man in the middle attack. As every request contains a HTTP basic authentication header, which contains base64-encoded credentials, it is possible to intercept email account credentials by an attacker that is suitably positioned (e.g. the same LAN, WLAN) or is able to tamper with DNS records pointing to the CalDAV server. The application accepts the untrusted certificate without any warning or prompt, so the attack will go unnoticed by the user.
-
20:06
»
Packet Storm Security Advisories
nSense Vulnerability Research Security Advisory - The coreservice.exe process in Procyon core server versions 1.06 and below contains a remotely exploitable memory corruption flaw which allows for remote code execution. The affected component is coreservice.exe, which listens on port 23, running as SYSTEM. Sending a long string will trigger the overflow.
-
20:06
»
Packet Storm Security Recent Files
nSense Vulnerability Research Security Advisory - The coreservice.exe process in Procyon core server versions 1.06 and below contains a remotely exploitable memory corruption flaw which allows for remote code execution. The affected component is coreservice.exe, which listens on port 23, running as SYSTEM. Sending a long string will trigger the overflow.
-
20:06
»
Packet Storm Security Misc. Files
nSense Vulnerability Research Security Advisory - The coreservice.exe process in Procyon core server versions 1.06 and below contains a remotely exploitable memory corruption flaw which allows for remote code execution. The affected component is coreservice.exe, which listens on port 23, running as SYSTEM. Sending a long string will trigger the overflow.
-
20:01
»
Packet Storm Security Advisories
nSense Vulnerability Research Security Advisory - The default configuration in Azeotech DAQFactory allows network connections towards the HMI without authentication. This allows an attacker on the network to shut down the machine running the HMI software by sending a simple packet.
-
20:01
»
Packet Storm Security Recent Files
nSense Vulnerability Research Security Advisory - The default configuration in Azeotech DAQFactory allows network connections towards the HMI without authentication. This allows an attacker on the network to shut down the machine running the HMI software by sending a simple packet.
-
20:01
»
Packet Storm Security Misc. Files
nSense Vulnerability Research Security Advisory - The default configuration in Azeotech DAQFactory allows network connections towards the HMI without authentication. This allows an attacker on the network to shut down the machine running the HMI software by sending a simple packet.
-
19:03
»
Packet Storm Security Advisories
nSense Vulnerability Research Security Advisory - Adobe Flash Media Servers (FMS) versions 3.5.6 and below and 4.0.2 and below suffer from a denial of service vulnerability.
-
19:03
»
Packet Storm Security Recent Files
nSense Vulnerability Research Security Advisory - Adobe Flash Media Servers (FMS) versions 3.5.6 and below and 4.0.2 and below suffer from a denial of service vulnerability.
-
19:03
»
Packet Storm Security Misc. Files
nSense Vulnerability Research Security Advisory - Adobe Flash Media Servers (FMS) versions 3.5.6 and below and 4.0.2 and below suffer from a denial of service vulnerability.
-
-
11:10
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting certain child tags in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Google Chrome versions prior to 14.0.835.202 are affected.
-
11:10
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting certain child tags in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Google Chrome versions prior to 14.0.835.202 are affected.
-
11:10
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting certain child tags in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Google Chrome versions prior to 14.0.835.202 are affected.
-
10:49
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting a Ruby tag and its children in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
10:49
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting a Ruby tag and its children in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
10:49
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting a Ruby tag and its children in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
-
-
14:34
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "ICalProcessYearlyRule()" function within the "gwwww1.dll" component when processing a malformed "BYWEEKNO" property in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.
-
14:34
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "ICalProcessYearlyRule()" function within the "gwwww1.dll" component when processing a malformed "BYWEEKNO" property in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.
-
14:34
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "ICalProcessYearlyRule()" function within the "gwwww1.dll" component when processing a malformed "BYWEEKNO" property in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.
-
14:32
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwIRecurParam::integerList()" function within the "gwwww1.dll" component when processing a malformed "RRULE" integer list in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.
-
14:32
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwIRecurParam::integerList()" function within the "gwwww1.dll" component when processing a malformed "RRULE" integer list in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.
-
14:32
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwIRecurParam::integerList()" function within the "gwwww1.dll" component when processing a malformed "RRULE" integer list in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.
-
-
16:36
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a heap corruption error when processing malformed Formula records within an Excel document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted XLS document.
-
16:36
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a heap corruption error when processing malformed Formula records within an Excel document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted XLS document.
-
16:36
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a heap corruption error when processing malformed Formula records within an Excel document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted XLS document.
-
-
15:53
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed BMP data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:53
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed BMP data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:53
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed BMP data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:51
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed IFF data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:51
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed IFF data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:51
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed IFF data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:49
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed PCX data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:49
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed PCX data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:49
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed PCX data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:43
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a stack overflow error when processing a malformed picture within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:43
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a stack overflow error when processing a malformed picture within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:43
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a stack overflow error when processing a malformed picture within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
-
15:40
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a picture file with malformed dimensions, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.
-
15:40
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a picture file with malformed dimensions, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.
-
15:40
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a picture file with malformed dimensions, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.
-
15:11
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a malformed "BitsPerSample" field of a TIFF image, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.
-
15:11
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a malformed "BitsPerSample" field of a TIFF image, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.
-
15:11
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a malformed "BitsPerSample" field of a TIFF image, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.
-
-
0:28
»
SecDocs
Authors:
Lurene Grenier Richard Johnson Tags:
vulnerability assessment bug hunting fuzzing Event:
Black Hat USA 2010 Abstract: Much work has been presented in the past few years concerning bug discovery through fuzzing. Everything from the feasibility of exhaustive generation fuzzing, to the continued productivity of simple mutation fuzzing has been covered. This talk will assume finding bugs is a foregone conclusion, and instead discuss the pre and post fuzzing process necessary to efficiently analyze vulnerabilities for a given program to the stage where exploitability has a high confidence, and exploitation can be handed off or undertaken in house. This process will be driven by intelligent, analyst driven automation, with a focus on the continued production of exploitable bugs with a minimum of wasted effort.
-
-
2:46
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer underflow error in the Object Linking and Embedding (OLE) Automation component when processing malformed Windows Metafile (WMF) data via the "_PictLoadMetaFileRaw()" function, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
-
2:46
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer underflow error in the Object Linking and Embedding (OLE) Automation component when processing malformed Windows Metafile (WMF) data via the "_PictLoadMetaFileRaw()" function, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
-
2:46
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer underflow error in the Object Linking and Embedding (OLE) Automation component when processing malformed Windows Metafile (WMF) data via the "_PictLoadMetaFileRaw()" function, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
-
-
14:44
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "scrn" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:44
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "scrn" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:44
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "scrn" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:43
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "pseq" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:43
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "pseq" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:43
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "pseq" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:42
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "ncl2" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:42
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "ncl2" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:42
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "ncl2" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:41
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "mluc" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:41
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "mluc" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:41
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "mluc" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:40
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer truncation error in the Color Management Module (CMM) when processing a malformed "bfd" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:40
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer truncation error in the Color Management Module (CMM) when processing a malformed "bfd" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:40
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer truncation error in the Color Management Module (CMM) when processing a malformed "bfd" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:38
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "clrt" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:38
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "clrt" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:38
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "clrt" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
-
22:34
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in 7T Interactive Graphical SCADA System (IGSS). The vulnerability is caused by a memory corruption error in the Open Database Connectivity (ODBC) component when processing packets sent to port 20222/TCP, which could result in an invalid structure being used, leading to an exploitable condition. Versions prior to 9.0.0.11143 are affected.
-
22:34
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in 7T Interactive Graphical SCADA System (IGSS). The vulnerability is caused by a memory corruption error in the Open Database Connectivity (ODBC) component when processing packets sent to port 20222/TCP, which could result in an invalid structure being used, leading to an exploitable condition. Versions prior to 9.0.0.11143 are affected.
-
22:34
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in 7T Interactive Graphical SCADA System (IGSS). The vulnerability is caused by a memory corruption error in the Open Database Connectivity (ODBC) component when processing packets sent to port 20222/TCP, which could result in an invalid structure being used, leading to an exploitable condition. Versions prior to 9.0.0.11143 are affected.
-
-
7:23
»
Packet Storm Security Exploits
nSense Vulnerability Research Security Advisory - It is possible to cause a denial of service in Novell's LDAP-SSL daemon due to the system blindly allocating a user-specified amount of memory. Exploiting the issue on a Netware system will cause a system-wide DoS condition.
-
7:23
»
Packet Storm Security Recent Files
nSense Vulnerability Research Security Advisory - It is possible to cause a denial of service in Novell's LDAP-SSL daemon due to the system blindly allocating a user-specified amount of memory. Exploiting the issue on a Netware system will cause a system-wide DoS condition.
-
7:23
»
Packet Storm Security Misc. Files
nSense Vulnerability Research Security Advisory - It is possible to cause a denial of service in Novell's LDAP-SSL daemon due to the system blindly allocating a user-specified amount of memory. Exploiting the issue on a Netware system will cause a system-wide DoS condition.
-
-
7:31
»
Packet Storm Security Advisories
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when processing certain text nodes, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
7:31
»
Packet Storm Security Recent Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when processing certain text nodes, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
7:31
»
Packet Storm Security Misc. Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when processing certain text nodes, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
7:28
»
Packet Storm Security Advisories
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a stack overflow error in the OpenType Compact Font Format (CFF) driver "ATMFD.dll" when processing certain operands within an OpenType font, which could be exploited by remote attackers to execute arbitrary code on a vulnerable Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista systems via a malicious font, or by local attackers to gain elevated privileges on Windows XP and Windows Server 2003 systems via a malicious application.
-
7:28
»
Packet Storm Security Recent Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a stack overflow error in the OpenType Compact Font Format (CFF) driver "ATMFD.dll" when processing certain operands within an OpenType font, which could be exploited by remote attackers to execute arbitrary code on a vulnerable Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista systems via a malicious font, or by local attackers to gain elevated privileges on Windows XP and Windows Server 2003 systems via a malicious application.
-
7:28
»
Packet Storm Security Misc. Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a stack overflow error in the OpenType Compact Font Format (CFF) driver "ATMFD.dll" when processing certain operands within an OpenType font, which could be exploited by remote attackers to execute arbitrary code on a vulnerable Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista systems via a malicious font, or by local attackers to gain elevated privileges on Windows XP and Windows Server 2003 systems via a malicious application.
-
7:27
»
Packet Storm Security Advisories
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a stack overwrite error when parsing the RTD RealTimeData record (0813h), which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted Excel document.
-
7:27
»
Packet Storm Security Recent Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a stack overwrite error when parsing the RTD RealTimeData record (0813h), which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted Excel document.
-
7:27
»
Packet Storm Security Misc. Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a stack overwrite error when parsing the RTD RealTimeData record (0813h), which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted Excel document.
-
7:23
»
Packet Storm Security Advisories
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CObjectElement::OnPropertyChange()" function within the MSHTML library when handling objects, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6, 7, and 8 are affected.
-
7:23
»
Packet Storm Security Recent Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CObjectElement::OnPropertyChange()" function within the MSHTML library when handling objects, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6, 7, and 8 are affected.
-
7:23
»
Packet Storm Security Misc. Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CObjectElement::OnPropertyChange()" function within the MSHTML library when handling objects, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6, 7, and 8 are affected.
-
7:21
»
Packet Storm Security Advisories
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CSpliceTreeEngine::InsertSplice()" function within the MSHTML library when handling layouts, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6 and 7 are affected.
-
7:21
»
Packet Storm Security Recent Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CSpliceTreeEngine::InsertSplice()" function within the MSHTML library when handling layouts, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6 and 7 are affected.
-
7:21
»
Packet Storm Security Misc. Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CSpliceTreeEngine::InsertSplice()" function within the MSHTML library when handling layouts, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6 and 7 are affected.
-
-
9:19
»
Packet Storm Security Advisories
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the GDI+ library when parsing certain values within a EMF image file, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
-
9:19
»
Packet Storm Security Recent Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the GDI+ library when parsing certain values within a EMF image file, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
-
9:19
»
Packet Storm Security Misc. Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the GDI+ library when parsing certain values within a EMF image file, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
-
-
7:17
»
Packet Storm Security Advisories
nSense Vulnerability Research Security Advisory - A PDF file format parsing vulnerability exists in the pdf2tif parser and can be exploited with a specially crafted input file. The plugin suffers from a buffer overflow flaw. Many server side applications use the library when converting pdf files to images. If an attacker is able to send the application a malicious file, successful exploitation leads to code being executed in the context of the running application.
-
7:17
»
Packet Storm Security Recent Files
nSense Vulnerability Research Security Advisory - A PDF file format parsing vulnerability exists in the pdf2tif parser and can be exploited with a specially crafted input file. The plugin suffers from a buffer overflow flaw. Many server side applications use the library when converting pdf files to images. If an attacker is able to send the application a malicious file, successful exploitation leads to code being executed in the context of the running application.
-
7:17
»
Packet Storm Security Misc. Files
nSense Vulnerability Research Security Advisory - A PDF file format parsing vulnerability exists in the pdf2tif parser and can be exploited with a specially crafted input file. The plugin suffers from a buffer overflow flaw. Many server side applications use the library when converting pdf files to images. If an attacker is able to send the application a malicious file, successful exploitation leads to code being executed in the context of the running application.
-
-
18:19
»
Packet Storm Security Advisories
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
-
18:19
»
Packet Storm Security Recent Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
-
18:19
»
Packet Storm Security Misc. Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
-
13:21
»
Packet Storm Security Advisories
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
-
13:21
»
Packet Storm Security Recent Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
-
13:21
»
Packet Storm Security Misc. Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
-
12:43
»
Packet Storm Security Advisories
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
-
12:43
»
Packet Storm Security Recent Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
-
12:43
»
Packet Storm Security Misc. Files
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
-
-
13:36
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a buffer overflow error in the Windows Shell graphics processor when parsing the "biCompression" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
-
13:36
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a buffer overflow error in the Windows Shell graphics processor when parsing the "biCompression" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
-
13:36
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a buffer overflow error in the Windows Shell graphics processor when parsing the "biCompression" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
-
13:35
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "height" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
-
13:35
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "height" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
-
13:35
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "height" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
-
12:18
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "width" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
-
12:18
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "width" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
-
12:18
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "width" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.
-
12:09
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by a memory corruption error in the "DIRAPI.dll" module when processing the "LCTX" chunk within a Director File, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page. Adobe Shockwave Player versions 11.5.9.615 and prior are affected.
-
12:09
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by a memory corruption error in the "DIRAPI.dll" module when processing the "LCTX" chunk within a Director File, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page. Adobe Shockwave Player versions 11.5.9.615 and prior are affected.
-
12:09
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by a memory corruption error in the "DIRAPI.dll" module when processing the "LCTX" chunk within a Director File, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page. Adobe Shockwave Player versions 11.5.9.615 and prior are affected.
-
-
19:32
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "gwwww1.dll" module when processing the "TZID" variable within VCALENDAR data, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges. Novell GroupWise versions 8.02 HP 1 (Hot Patch 1) and prior are affected.
-
19:32
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "gwwww1.dll" module when processing the "TZID" variable within VCALENDAR data, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges. Novell GroupWise versions 8.02 HP 1 (Hot Patch 1) and prior are affected.
-
19:32
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "gwwww1.dll" module when processing the "TZID" variable within VCALENDAR data, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges. Novell GroupWise versions 8.02 HP 1 (Hot Patch 1) and prior are affected.
-
-
15:57
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free vulnerability when handling certain animation behaviors, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page.
-
15:57
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free vulnerability when handling certain animation behaviors, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page.
-
15:57
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free vulnerability when handling certain animation behaviors, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page.
-
15:57
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error in "pubconv.dll" when processing a malformed value within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:57
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error in "pubconv.dll" when processing a malformed value within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:57
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error in "pubconv.dll" when processing a malformed value within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:57
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error when processing a malformed record within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:57
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error when processing a malformed record within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:57
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error when processing a malformed record within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:56
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a heap corruption error in "pubconv.dll" while trusting a size value from a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:56
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a heap corruption error in "pubconv.dll" while trusting a size value from a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:56
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a heap corruption error in "pubconv.dll" while trusting a size value from a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:52
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a memory corruption error when handling malformed Publisher documents, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:52
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a memory corruption error when handling malformed Publisher documents, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
15:52
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a memory corruption error when handling malformed Publisher documents, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.
-
-
17:15
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling malformed AAC files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
17:15
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling malformed AAC files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
17:15
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling malformed AAC files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
17:15
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling Audio data within media files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
17:15
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling Audio data within media files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
17:15
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling Audio data within media files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
17:14
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling sound data within media files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
17:14
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling sound data within media files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
17:14
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling sound data within media files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
7:22
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling malformed RA5 files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
7:22
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling malformed RA5 files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
7:22
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling malformed RA5 files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
4:11
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered three critical vulnerabilities in RealPlayer. These vulnerabilities are caused by heap overflow errors when handling malformed RealMedia data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
4:11
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered three critical vulnerabilities in RealPlayer. These vulnerabilities are caused by heap overflow errors when handling malformed RealMedia data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
4:11
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered three critical vulnerabilities in RealPlayer. These vulnerabilities are caused by heap overflow errors when handling malformed RealMedia data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
-
18:59
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free in WebKit when handling selections, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
18:59
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free in WebKit when handling selections, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
18:59
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free in WebKit when handling selections, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
18:58
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free in WebKit when handling scrollbars, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
18:58
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free in WebKit when handling scrollbars, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
18:58
»
Packet Storm Security Misc. Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free in WebKit when handling scrollbars, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
-
14:01
»
Packet Storm Security Recent Files
nSense Vulnerability Research Security Advisory - Cisco Unified Communications Manager contains a setuid binary which fails to validate command line arguments. A local user can leverage this vulnerability to gain root access by supplying suitable arguments to the binary.
-
14:00
»
Packet Storm Security Exploits
nSense Vulnerability Research Security Advisory - Cisco Unified Communications Manager contains a setuid binary which fails to validate command line arguments. A local user can leverage this vulnerability to gain root access by supplying suitable arguments to the binary.
-
-
9:01
»
Packet Storm Security Recent Files
nSense Vulnerability Research Security Advisory - Teamspeak 2 version 2.0.32.60 suffers from a remote code execution vulnerability. The specific flaw exists within the TeamSpeak.exe module teardown procedure responsible for freeing dynamically allocated application handles.
-
9:00
»
Packet Storm Security Advisories
nSense Vulnerability Research Security Advisory - Teamspeak 2 version 2.0.32.60 suffers from a remote code execution vulnerability. The specific flaw exists within the TeamSpeak.exe module teardown procedure responsible for freeing dynamically allocated application handles.
-
-
22:01
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in various Oracle products. The vulnerability is caused by a buffer overflow error in the EM Console when processing overly long HTTP requests, which could allow remote unauthenticated attackers to crash an affected service or execute arbitrary code via a malicious request.
-
22:01
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a memory corruption error when processing a negative future function while parsing an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.
-
22:01
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a memory corruption error when processing PtgExtraArray structures in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.
-
22:01
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by an array indexing error when processing RealTimeData records in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.
-
22:01
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a memory corruption error when processing certain structures in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.
-
22:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by an input validation error when processing certain elements in a Ghost record, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.
-
22:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in various Oracle products. The vulnerability is caused by a buffer overflow error in the EM Console when processing overly long HTTP requests, which could allow remote unauthenticated attackers to crash an affected service or execute arbitrary code via a malicious request.
-
-
15:01
»
Packet Storm Security Exploits
nSense Vulnerability Research Security Advisory - Adobe Acrobat and Reader are prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Adobe Reader and Acrobat versions prior to and including 9.3.4 and 8.2.4 are affected.
-
-
17:01
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a high risk vulnerability affecting Google Chrome. The vulnerability is caused by a memory corruption error when processing focus events, which could be exploited by remote attackers to potentially execute arbitrary code by tricking a user into visiting a specially crafted web page. Google Chrome versions prior to 6.0.472.53 are affected.
-
17:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a high risk vulnerability affecting Google Chrome. The vulnerability is caused by a memory corruption error when processing focus events, which could be exploited by remote attackers to potentially execute arbitrary code by tricking a user into visiting a specially crafted web page. Google Chrome versions prior to 6.0.472.53 are affected.
-
-
18:01
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability affecting Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the OnPropertyChange_Src() function when handling malformed HTML/JS data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
18:01
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability affecting Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error when processing the boundElements property, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
18:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability affecting Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the OnPropertyChange_Src() function when handling malformed HTML/JS data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
18:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability affecting Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error when processing the boundElements property, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
-
17:54
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in HP OpenView Network Node Manager (OV NNM). This vulnerability is caused by a buffer overflow error in the nnmrptconfig.exe CGI when processing an overly long parameter value, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
-
17:54
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in HP OpenView Network Node Manager (OV NNM). This vulnerability is caused by a buffer overflow error in the ov.dll library when processing certain arguments supplied via CGI executables, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
-
17:53
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in HP OpenView Network Node Manager (OV NNM). This vulnerability is caused by a buffer overflow error in the nnmrptconfig.exe CGI when processing an overly long parameter value, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
-
17:53
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in HP OpenView Network Node Manager (OV NNM). This vulnerability is caused by a buffer overflow error in the ov.dll library when processing certain arguments supplied via CGI executables, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
-
-
22:51
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered multiple vulnerabilities in Winamp. These issues are caused by integer and buffer overflow errors within the vp6.w5s component when parsing malformed Flash Video data, which could allow attackers to execute arbitrary code by tricking a user into opening a specially crafted FLV file. Versions 5.572 and below are affected.
-
22:48
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered multiple vulnerabilities in Winamp. These issues are caused by integer and buffer overflow errors within the vp6.w5s component when parsing malformed Flash Video data, which could allow attackers to execute arbitrary code by tricking a user into opening a specially crafted FLV file. Versions 5.572 and below are affected.
-
-
0:01
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a buffer overflow error when processing the undocumented #1023 (3FFh) tag while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF.
-
0:01
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a memory corruption error when processing the newclass operator (bytecode 0x58) while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF file.
-
0:01
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a memory corruption error when processing the newfunction operator (bytecode 0x44) while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF file.
-
0:01
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a memory corruption error when processing the pushstring (bytecode 0x2C) or debugfile (bytecode 0xF1) operators while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF file.
-
0:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a buffer overflow error when processing the undocumented #1023 (3FFh) tag while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF.
-
0:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a memory corruption error when processing the newclass operator (bytecode 0x58) while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF file.
-
0:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a memory corruption error when processing the newfunction operator (bytecode 0x44) while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF file.
-
0:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a memory corruption error when processing the pushstring (bytecode 0x2C) or debugfile (bytecode 0xF1) operators while parsing Flash content within a PDF document, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a malicious PDF file.
-
-
23:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. This vulnerability is caused due to an invalid pointer when processing the newclass operator (bytecode 0x58), which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
23:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. This vulnerability is caused due to an invalid pointer when processing the newfunction operator (bytecode 0x44), which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
23:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered two critical vulnerabilities in Adobe Flash Player. These vulnerabilities are caused due to heap overflows when processing malformed GIF or JPEG data within a Flash file, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
-
0:00
»
Packet Storm Security Advisories
VUPEN Web Vulnerability Research Team discovered multiple vulnerabilities in eFront. These issues are caused by input validation errors when processing the remote_theme , name , system_email , password_length , math_server , site_motto and site_name parameters, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site. Versions prior to 3.6.3 build 7400 are affected.
-
-
9:06
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered two critical vulnerabilities in Adobe Shockwave Player. These vulnerabilities are caused due to memory corruption errors when processing malformed 3D Director files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. Versions prior to 11.5.7.609 are affected.
-
9:05
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered seven critical vulnerabilities in Adobe Shockwave Player. These vulnerabilities are caused due to memory corruptions, array indexing, heap overflows and invalid pointers when processing malformed files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. Versions prior to 11.5.7.609 are affected.
-
9:05
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave Player. This vulnerability is caused due to a memory corruption error when processing 0xFFFFFF49 3D blocks within Director files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. Versions prior to 11.5.7.609 are affected.
-
9:04
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered eleven critical vulnerabilities in Adobe Shockwave Player. These vulnerabilities are caused due to integer overflows, array indexing, and memory corruption errors when processing malformed Shockwave or Director files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. Versions prior to 11.5.7.609 are affected.
-
9:04
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered two critical vulnerabilities in Adobe Shockwave Player. These vulnerabilities are caused due to memory corruption errors when processing malformed 3D Director files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. Versions prior to 11.5.7.609 are affected.
-
9:04
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered seven critical vulnerabilities in Adobe Shockwave Player. These vulnerabilities are caused due to memory corruptions, array indexing, heap overflows and invalid pointers when processing malformed files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. Versions prior to 11.5.7.609 are affected.
-
9:04
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave Player. This vulnerability is caused due to a memory corruption error when processing 0xFFFFFF49 3D blocks within Director files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page. Versions prior to 11.5.7.609 are affected.
-
-
20:00
»
Packet Storm Security Advisories
VUPEN Web Vulnerability Research Team discovered 27 vulnerabilities in WebAsyst Shop-Script FREE. These issues are caused by input validation errors in various scripts when processing user-supplied data and parameters, which could allow local file inclusion, sql injection and cross site scripting attacks.
-
20:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a buffer overflow error when processing malformed BitMap (BMP) data, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF document.
-
20:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a buffer overflow error when processing malformed GIF (Graphics Interchange Format) data, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF document.
-
20:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a buffer overflow error when processing malformed JPEG data, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF document.
-
20:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. This vulnerability is caused by a buffer overflow error when processing malformed PNG data, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF document.
-
-
18:00
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a vulnerability in VMware products. The flaw is caused by a heap overflow error in the VMnc media codec when processing malformed AVI files, which could be exploited by attackers to potentially execute arbitrary code by tricking a user into opening a malicious movie file.
-
18:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in VMware products. The flaw is caused by a heap overflow error in the VMnc media codec when processing malformed AVI files, which could be exploited by attackers to potentially execute arbitrary code by tricking a user into opening a malicious movie file.
-
-
14:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Sun Java JDK/JRE. The flaw is caused by an invalid pointer within the AWT (Abstract Windowing Toolkit) library when processing data passed to a specific function, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Sun Java JDK/JRE. The flaw is caused by an invalid index within the AWT (Abstract Windowing Toolkit) library when processing data passed to a specific function, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
-
14:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Sun Java JDK/JRE. The flaw is caused by a buffer overflow error within the Unpack200 component when processing malformed data, which could be exploited by attackers to execute arbitrary code via a malicious archive.
-
14:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Apple Quicktime. The flaw is caused by an integer overflow error when processing PICT files with malformed data and atoms, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page or opening a malicious PICT image.
-
14:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Apple iTunes. The flaw is caused by an integer overflow error in ColorSync when processing certain images with an embedded color profile, which could be exploited by attackers to potentially execute arbitrary code via a specially crafted image.
-
14:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Apple Quicktime. The flaw is caused by a heap overflow error when processing PICT images with malformed atoms, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page or opening a malicious PICT file.
-
14:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Apple Quicktime. The flaw is caused by a heap overflow error when processing FLC encoded movie files, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page or opening a malicious movie file.
-
-
16:00
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a vulnerability in Apple Safari. The flaw is caused by an integer overflow error in ColorSync when processing certain images with an embedded color profile, which could be exploited by attackers to potentially execute arbitrary code via a specially crafted web page. Versions prior to 4.0.5 are vulnerable.
-
16:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in Apple Safari. The flaw is caused by an integer overflow error in ColorSync when processing certain images with an embedded color profile, which could be exploited by attackers to potentially execute arbitrary code via a specially crafted web page. Versions prior to 4.0.5 are vulnerable.
-
-
19:00
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability affecting Microsoft Office Excel. The flaw is caused by a memory corruption error when processing malformed EntExU2 records in an Excel document, which could be exploited by attackers to execute arbitrary code.
-
19:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability affecting Microsoft Office Excel. The flaw is caused by a memory corruption error when processing malformed EntExU2 records in an Excel document, which could be exploited by attackers to execute arbitrary code.
-
-
0:00
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a vulnerability in various Symantec security products. The vulnerability is caused by a buffer overflow error in the SYMLTCOM.dll module when processing user-supplied data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page on a domain masqueraded as an authorized site.
-
-
23:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a vulnerability in various Symantec security products. The vulnerability is caused by a buffer overflow error in the SYMLTCOM.dll module when processing user-supplied data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page on a domain masqueraded as an authorized site.
-
-
15:00
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered critical vulnerabilities affecting OpenOffice.org. The first vulnerability is caused by a heap overflow error when processing malformed sprmTDefTable records in a Word document, which could be exploited by attackers to execute arbitrary code. The second vulnerability is caused by a heap overflow error when processing malformed sprmTSetBrc records in a Word document, which could be exploited by attackers to compromise a vulnerable system. Versions prior to 3.2 are affected.
-
15:00
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered critical vulnerabilities affecting OpenOffice.org. The first vulnerability is caused by a heap overflow error when processing malformed sprmTDefTable records in a Word document, which could be exploited by attackers to execute arbitrary code. The second vulnerability is caused by a heap overflow error when processing malformed sprmTSetBrc records in a Word document, which could be exploited by attackers to compromise a vulnerable system. Versions prior to 3.2 are affected.
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution