«
Expand/Collapse
28 items tagged "size"
Related tags:
code execution [+],
code [+],
adobe shockwave player [+],
integer overflow [+],
apple quicktime [+],
shockwave 3d [+],
denial of service [+],
day [+],
size parameter [+],
service vulnerability [+],
select [+],
postgresql [+],
opera [+],
html page [+],
hashtable [+],
hacks [+],
zdi [+],
stack buffer [+],
file [+],
cpio [+],
buffer overflow vulnerability [+],
week [+],
toby cole [+],
textfield [+],
size doesn [+],
seven segments [+],
segment [+],
sean [+],
sample [+],
portable mixer [+],
partition [+],
new years countdown [+],
new years celebrations [+],
new [+],
nearby trees [+],
mp4 files [+],
mixer [+],
microsoft [+],
memory [+],
led [+],
jumbo [+],
jpeg [+],
home [+],
heap memory [+],
hackers [+],
hack [+],
glue [+],
firms [+],
entertainment [+],
dlink di 604 [+],
dlink [+],
dj equipment [+],
cross site scripting [+],
cnc [+],
chance [+],
brian [+],
atom [+],
adobe flash player [+],
Newbie [+],
Learn [+],
Area [+],
zero [+],
memory corruption [+]
-
-
4:01
»
Hack a Day
[Toby Cole] likes to mix tunes whenever he gets a chance. But the size of his DJ equipment made it a real bother to lug around with him. He does own a Behringer portable mixer but without cross faders it’s not really all that usable, and most of the other offerings don’t get good reviews. [...]
-
-
16:41
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-080 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. A size value is read from MP4 files and used for size calculation without proper validation. The arithmetic performed on the size value can cause integer overflows, resulting in undersized allocations. This undersized memory allocation can be subsequently overpopulated with data supplied by the input file which can be used to gain remote code execution under the context of the current process.
-
-
13:44
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-277 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles 'mp4v' codec information. When parsing the video description table it will read the size field preceding the 'mp4v' tag and use that size to create an allocation to hold the data. It will then copy the correct amount of data into that buffer, but then does some endian changes on a fixed portion of the buffer without checking its size. The resulting memory corruption could result in remote code execution under the context of the current user.
-
13:44
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-277 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles 'mp4v' codec information. When parsing the video description table it will read the size field preceding the 'mp4v' tag and use that size to create an allocation to hold the data. It will then copy the correct amount of data into that buffer, but then does some endian changes on a fixed portion of the buffer without checking its size. The resulting memory corruption could result in remote code execution under the context of the current user.
-
13:44
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-277 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles 'mp4v' codec information. When parsing the video description table it will read the size field preceding the 'mp4v' tag and use that size to create an allocation to hold the data. It will then copy the correct amount of data into that buffer, but then does some endian changes on a fixed portion of the buffer without checking its size. The resulting memory corruption could result in remote code execution under the context of the current user.
-
-
14:54
»
Hack a Day
We here at Hack A Day love LED’s, and all things LED related, but one of the biggest problems with LED’s are the small size. We want bigger and brighter, matrices the size of our TV, seven segments as big as a wall and a single white led the size of a baseball, and brighter [...]
-
-
3:42
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-222 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. The code within the Shockwave 3d Asset.x32 module does not properly check a size value used as the size for a malloc. The given size will wrap, causing a small buffer to be allocated. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
-
3:42
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-222 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. The code within the Shockwave 3d Asset.x32 module does not properly check a size value used as the size for a malloc. The given size will wrap, causing a small buffer to be allocated. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
-
-
16:05
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-211 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. The code within the Shockwave 3d Asset.x32 module does not properly check a size value used as the size for a malloc. The given size will wrap, causing a small buffer to be allocated. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
-
16:05
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-211 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the DEMX chunk inside Adobe's RIFF-based Director file format. The code within the Shockwave 3d Asset.x32 module does not properly check a size value used as the size for a malloc. The given size will wrap, causing a small buffer to be allocated. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
-
16:05
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-210 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rcsL chunk inside Adobe's RIFF-based Director file format. The code within the IML32.dll is affected by an integer overflow caused by the allocation of the input size plus 1 and the subsequent copying of the input string using the original size. The given size will wrap, causing a small buffer to be allocated. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
-
16:05
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-210 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rcsL chunk inside Adobe's RIFF-based Director file format. The code within the IML32.dll is affected by an integer overflow caused by the allocation of the input size plus 1 and the subsequent copying of the input string using the original size. The given size will wrap, causing a small buffer to be allocated. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
-
16:05
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-210 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the rcsL chunk inside Adobe's RIFF-based Director file format. The code within the IML32.dll is affected by an integer overflow caused by the allocation of the input size plus 1 and the subsequent copying of the input string using the original size. The given size will wrap, causing a small buffer to be allocated. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the user running the browser.
-
-
15:23
»
Packet Storm Security Advisories
Opera up to and including version 10.60 is vulnerable to an arbitrary memory write of 0x00000000, 4 byte aligned, when processing an html page featuring a SELECT tag with a very large SIZE parameter.
-
15:23
»
Packet Storm Security Recent Files
Opera up to and including version 10.60 is vulnerable to an arbitrary memory write of 0x00000000, 4 byte aligned, when processing an html page featuring a SELECT tag with a very large SIZE parameter.
-
15:23
»
Packet Storm Security Misc. Files
Opera up to and including version 10.60 is vulnerable to an arbitrary memory write of 0x00000000, 4 byte aligned, when processing an html page featuring a SELECT tag with a very large SIZE parameter.
-
-
13:04
»
Hack a Day
New Years celebrations tend to get bigger and bigger every year for most people, and [Brian] takes no exception. In order to top his lighted tree of a few years ago, he has concocted a 40′x40′ set of Seven-Segment displays made out of Christmas lights, hung from nearby trees. These displays would start counting down [...]
-
-
11:36
»
remote-exploit & backtrack
i made 10gb for bt4 final.. after a week i use bt4, i got pop out tell me the disk is full.. i dont know what to delete anymore.. im not store my file in /home but it still full..
actually how and why this problem occurs?
how can i add size of bt4 partition without reinstall it??
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution