«
Expand/Collapse
87 items tagged "array"
Related tags:
overflow [+],
integer [+],
libavcodec [+],
arbitrary code execution [+],
zero day [+],
zero [+],
xpdf [+],
vlc media player [+],
player versions [+],
parse [+],
microsoft [+],
fofitype [+],
dominic chell [+],
array object [+],
amv [+],
webkit [+],
proof of concept [+],
code execution [+],
bound [+],
svg [+],
service vulnerability [+],
opera [+],
mozilla firefox [+],
led [+],
exploits [+],
denial of service [+],
arduino [+],
traffic [+],
tool [+],
tcp ip [+],
target [+],
realplayer user [+],
reader [+],
overflow code [+],
ncss [+],
microsoft reader [+],
microsoft corp [+],
leds [+],
invalid index [+],
integer overflow vulnerability [+],
initialization routine [+],
home [+],
ghost recon [+],
ghost [+],
day [+],
codebase [+],
code [+],
array index [+],
array functions [+],
application level [+],
application [+],
txt [+],
subject alternate names [+],
sensor array [+],
sensor [+],
robots [+],
recon [+],
pcs [+],
outdo [+],
ngs [+],
mdvsa [+],
louisville [+],
linux security [+],
import command [+],
heap [+],
gpgsm [+],
genstat [+],
frankenstein [+],
critical structures [+],
arbitrary code [+],
apple quicktime [+],
wood [+],
western digital caviar [+],
welts [+],
water proof [+],
vulnerabilities [+],
virtual test [+],
valentin [+],
usa [+],
unpleasant experience [+],
ultrasonic sensors [+],
uble [+],
ubisoft [+],
toy tank [+],
technical [+],
tank [+],
strobe light [+],
strobe [+],
stages of development [+],
sqlite [+],
source driver [+],
solar panels [+],
solar array [+],
show [+],
shelf products [+],
segmentation [+],
segment display [+],
segment [+],
schuble [+],
safer use [+],
roundup [+],
reprap [+],
remote [+],
rain [+],
query [+],
putting on a show [+],
publisher [+],
proof [+],
project [+],
powerpoint [+],
potentiometer [+],
plunge [+],
php [+],
patrick [+],
patch [+],
parsing [+],
output [+],
oob [+],
onironaut [+],
notification [+],
news [+],
monitoring [+],
monitor [+],
modern cars [+],
misc [+],
mind [+],
microsoft powerpoint [+],
microsoft excel [+],
memory corruption [+],
mad scientist [+],
led array [+],
join forces [+],
javascript array [+],
javascript [+],
jack gassett [+],
ir illumination [+],
instructibles [+],
insane [+],
infinity [+],
index [+],
illumination [+],
harvesting [+],
grid [+],
green ears [+],
green [+],
google [+],
gig [+],
flourescent tubes [+],
flight array [+],
flight [+],
fleet [+],
exploit [+],
excel [+],
entertainment [+],
drive array [+],
drive [+],
dream job [+],
display [+],
digital [+],
desk [+],
degree panoramic views [+],
degree [+],
dave [+],
dance parties [+],
dance [+],
dan [+],
custom [+],
cnc [+],
classic [+],
circuit board components [+],
chrome [+],
checking [+],
case [+],
caleb cover [+],
caleb [+],
bugtraq [+],
buffer overflow [+],
black hat [+],
bga package [+],
berlin [+],
beginning [+],
ball grid array [+],
ball [+],
autonomous [+],
audio [+],
arrays [+],
advisory [+],
Weekly [+],
2d array [+],
hacks [+],
integer overflow [+],
vulnerability [+],
mozilla [+],
firefox [+]
-
-
14:00
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-187 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a particular array contained within a Real Media file and then uses the data. When allocating and reading frame size information, the application will fail to check the bounds of how this array is used. The application will use results in this array as an allocation for the size of a buffer. When initializing this new buffer, the application can then write outside it's bounds which will lead to code execution under the context of the application.
-
14:00
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-187 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a particular array contained within a Real Media file and then uses the data. When allocating and reading frame size information, the application will fail to check the bounds of how this array is used. The application will use results in this array as an allocation for the size of a buffer. When initializing this new buffer, the application can then write outside it's bounds which will lead to code execution under the context of the application.
-
14:00
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-187 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a particular array contained within a Real Media file and then uses the data. When allocating and reading frame size information, the application will fail to check the bounds of how this array is used. The application will use results in this array as an allocation for the size of a buffer. When initializing this new buffer, the application can then write outside it's bounds which will lead to code execution under the context of the application.
-
-
9:01
»
Hack a Day
Evil Mad Scientist Laboratories received an email from someone who wanted to hack their Peggy kit. This LED matrix kit has been featured on Hack a Day in the past, and provides hardware to set up a 625 LED matrix. This user built an external array of LEDs that they wanted to drive with the Peggy hardware. There [...]
-
-
4:01
»
Hack a Day
Take a minute to think about what your dream job might be. Done imagining you are a ridiculously wealthy bachelor? Good. Back here in the real world, [Caleb Cover] has come into what might be one of the coolest hacking-related jobs we’ve seen in awhile. He recently snagged a gig working for Aleph Objects as [...]
-
-
13:01
»
Hack a Day
[LuckyNumbrKevin] wanted an epic monitor array of his own but didn’t really have the desk real estate to pull it off. His solution was to build a three computer monitor mounting rack with a relatively small footprint. The design started with some virtual test builds using SketchUp. Once he had it dialed in he began [...]
-
-
17:01
»
Hack a Day
After years of hoping and wishing [Dave] finally took the plunge and installed solar panels on the roof of his house. He’s got twelve panels that are each rated at 240 Watts! But just having them sitting there and pumping power back to the grid isn’t enough. Understandably, he decided to add his own solar [...]
-
-
16:32
»
Packet Storm Security Exploits
Code Audit Labs has discovered an integer overflow vulnerability in array functions like Int32Array, Int16Array, etc in Opera versions 11.60 and below.
-
16:32
»
Packet Storm Security Recent Files
Code Audit Labs has discovered an integer overflow vulnerability in array functions like Int32Array, Int16Array, etc in Opera versions 11.60 and below.
-
16:32
»
Packet Storm Security Misc. Files
Code Audit Labs has discovered an integer overflow vulnerability in array functions like Int32Array, Int16Array, etc in Opera versions 11.60 and below.
-
-
12:41
»
Hack a Day
The team over at the Louisville Hackerspace LVL1 is not going to be outdone when it comes to collecting environmental data. They put together this Frankenstein of sensor boards that lets you collect a heap of data showing what is going on around it. At the center-left a small Arduino clone is responsible for collecting [...]
-
12:41
»
Hack a Day
The team over at the Louisville Hackerspace LVL1 is not going to be outdone when it comes to collecting environmental data. They put together this Frankenstein of sensor boards that lets you collect a heap of data showing what is going on around it. At the center-left a small Arduino clone is responsible for collecting [...]
-
-
17:21
»
Packet Storm Security Recent Files
P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
-
17:21
»
Packet Storm Security Tools
P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
-
17:21
»
Packet Storm Security Misc. Files
P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).
-
-
7:00
»
Hack a Day
In case you missed them the first time, here are this week’s most popular posts: Our most popular post is about an octocopter that is big enough to hover a person who is perched perilously in the center of an angry array of blades that are counting on Murphy’s law for their chance to taste [...]
-
-
23:25
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in Mozilla Firefox 3.6. When an array object is configured with a large length value, the reduceRight() method may cause an invalid index being used, allowing arbitrary remote code execution. Please note that the exploit requires a longer amount of time (compared to a typical browser exploit) in order to gain control of the machine.
-
23:25
»
Packet Storm Security Exploits
This Metasploit module exploits a vulnerability found in Mozilla Firefox 3.6. When an array object is configured with a large length value, the reduceRight() method may cause an invalid index being used, allowing arbitrary remote code execution. Please note that the exploit requires a longer amount of time (compared to a typical browser exploit) in order to gain control of the machine.
-
23:25
»
Packet Storm Security Misc. Files
This Metasploit module exploits a vulnerability found in Mozilla Firefox 3.6. When an array object is configured with a large length value, the reduceRight() method may cause an invalid index being used, allowing arbitrary remote code execution. Please note that the exploit requires a longer amount of time (compared to a typical browser exploit) in order to gain control of the machine.
-
-
6:39
»
Packet Storm Security Exploits
GenStat versions 14.1.0.5943 and below suffer from an array overflow with write2 and a heap overflow. Proof of concept code included.
-
-
3:44
»
Hack a Day
[Patrick] was prepping for some future projects he had in mind, for which he will need a simple 2D array of addressable LEDs. While it is certainly possible for him to build his own LED array and control hardware, he thought he would try out some off the shelf products to see if something might [...]
-
-
8:01
»
Hack a Day
[Mnt] wrote in to tell us about this 360 degree array of cameras featured on [Codeninja]. This has to be one of the most impressive arrays of cameras and sound equipment that we’ve seen at Hack a day. The array is capable of 360 degree x 140 degree panoramic views using the 9 cameras arranged [...]
-
-
4:01
»
Hack a Day
[Dan] wrote in to share a project he recently finished up, an autonomous Airsoft tank. The toy tank makes use of a wide array of technologies to get the job done, and will stop at nothing to hunt you down (provided you are wearing an IR beacon). An Arduino board is used to control the [...]
-
9:44
»
Packet Storm Security Advisories
Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.
-
9:44
»
Packet Storm Security Recent Files
Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.
-
9:44
»
Packet Storm Security Misc. Files
Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.
-
-
9:01
»
Hack a Day
[Jack Gassett] is developing a new breakout board for an FPGA. The chip comes in a ball grid array (BGA) package which is notoriously difficult to solder reliably. Since he’s still in development, the test boards are being assembled in his basement. Of the first lot of four boards, only one is functional. So he’s [...]
-
4:11
»
Packet Storm Security Advisories
Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.
-
4:11
»
Packet Storm Security Recent Files
Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.
-
4:11
»
Packet Storm Security Misc. Files
Dominic Chell of NGS Secure has discovered a high risk vulnerability in LibAVCodec. Opening a malformed AMV file can result in an out of array write and potentially arbitrary code execution when using this library. Whilst the vulnerability may affect multiple applications that use this library, it was only tested on VLC media player. VLC media player versions 1.1.9 and below are affected.
-
-
19:21
»
Packet Storm Security Exploits
Microsoft Reader versions 2.1.1.3143 and below and versions 2.6.1.7169 and below suffer from an array overflow. Proof of concept code included.
-
19:21
»
Packet Storm Security Misc. Files
Microsoft Reader versions 2.1.1.3143 and below and versions 2.6.1.7169 and below suffer from an array overflow. Proof of concept code included.
-
-
5:00
»
Hack a Day
[chromationsystems] put out a couple instructibles on building infinity mirrors. One with an 8×8 array of LEDs and one with a 32 LED ring. These are very well documented covering the construction of the mirror enclosure as well as the circuit and code. The effect is quite nice. The 8×8 array is interesting, we haven’t [...]
-
-
13:04
»
Hack a Day
With many modern cars coming equipped with an array of ultrasonic sensors mounted in the bumpers, it stands to reason that many junk yards have them too. [jimk3038] points out that, unless they’re crushed, they’re probably good. The list of features on these is pretty long, including being short proof, water proof, EMF proof and [...]
-
-
4:53
»
Hack a Day
[Onironaut] over at lucidscience sent us a link to his latest project, some IR illumination panels. At first, we were mildly enticed by his usual high standard of photography and description. It was just an array of LEDs though. Still, we kept hitting the “next page” button because he goes into such great detail. Then [...]
-
-
19:19
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 10-265 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Firefox's management of the JSSLOT_ARRAY_COUNT annotation. This value represents the number of items filled within a given Array object. If an attacker creates an array to a high enough value, an initialization routine can be made to mis-allocate a buffer. This can be abused by an attacker to corrupt memory and subsequently execute arbitrary code under the context of the user running the browser.
-
19:19
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 10-265 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Firefox's management of the JSSLOT_ARRAY_COUNT annotation. This value represents the number of items filled within a given Array object. If an attacker creates an array to a high enough value, an initialization routine can be made to mis-allocate a buffer. This can be abused by an attacker to corrupt memory and subsequently execute arbitrary code under the context of the user running the browser.
-
19:19
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 10-265 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Firefox's management of the JSSLOT_ARRAY_COUNT annotation. This value represents the number of items filled within a given Array object. If an attacker creates an array to a high enough value, an initialization routine can be made to mis-allocate a buffer. This can be abused by an attacker to corrupt memory and subsequently execute arbitrary code under the context of the user running the browser.
-
-
8:16
»
Hack a Day
Why store it in the cloud when you could have a 90 Terabyte hard drive (translated) array in your house? The drives are mostly Western Digital Caviar Green EARS 2TB models which are known for energy efficiency and quiet operation. It’s a little unclear as to whether this is using one or two motherboards, but the drives [...]
-
-
16:50
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
0:01
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-143 - Importing a certificate with more than 98 Subject Alternate Names via GPGSM's import command or implicitly while verifying a signature causes GPGSM to reallocate an array with the names. The bug is that the reallocation code misses assigning the reallocated array to the old array variable and thus the old and freed array will be used. Usually this leads to a segv.
-
0:01
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-143 - Importing a certificate with more than 98 Subject Alternate Names via GPGSM's import command or implicitly while verifying a signature causes GPGSM to reallocate an array with the names. The bug is that the reallocation code misses assigning the reallocated array to the old array variable and thus the old and freed array will be used. Usually this leads to a segv.
-
-
6:00
»
Hack a Day
Though it is in the beginning stages of development, the Distributed Flight Array is already looking very interesting. Each unit can scuttle across the ground using the down force from its prop, but when 4 or more join forces, they can take off and fly. The documentation shows that they should be smart enough to [...]
-
8:10
»
Hack a Day
Check out this slick strobe array for dance parties. Controlled by a DMX512 interface, only a small modification was necessary to get the strobes working. If you’ve played with a small commercial strobe light, you’ll know there’s a potentiometer to control the strobe speed. He simply soldered a relay after the pot. This allows him [...]
-
-
5:31
»
SecuriTeam
Remote exploitation of an invalid array indexing vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
0:00
»
Packet Storm Security Recent Files
iDefense Security Advisory 02.09.10 - Remote exploitation of an invalid array indexing vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an OEPlaceholderAtom record. This record type is used to create a placeholder for an object (picture, text, etc.) on a slide. By providing a value greater than the size of an array, it is possible to corrupt stack memory beyond the bounds of the array with a fixed value. By overwriting critical structures like the saved return address, it is possible to execute arbitrary code.
-
0:00
»
Packet Storm Security Advisories
iDefense Security Advisory 02.09.10 - Remote exploitation of an invalid array indexing vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an OEPlaceholderAtom record. This record type is used to create a placeholder for an object (picture, text, etc.) on a slide. By providing a value greater than the size of an array, it is possible to corrupt stack memory beyond the bounds of the array with a fixed value. By overwriting critical structures like the saved return address, it is possible to execute arbitrary code.
-
-
11:00
»
Hack a Day
Let’s face it, walking around in the rain sucks. [Matth3w] is trying to add a little whimsy to an unpleasant experience by adding an LED matrix to his umbrella. The array contains 80 LEDs that are individually addressable. This is a mutiplexed array that relies on a MIC2981 source driver for the eight rows (or [...]
-
-
7:40
»
Hack a Day
This is an array of flourescent tubes that form a display. The video above is just two modules of a ten module installation that [Valentin] and his team are showing at an exhibition in Berlin tomorrow. The connected modules form something of a scrolling 16-segment display (similar to the 17 segment display modules of the [...]
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution