what you don't know can hurt you
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-060
Posted Apr 6, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-060 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the handling of MixerSequencer objects. When this object is used to play a MIDI file, the GM_Song structure is populated with song data. In particular, it stores a integer value from the file and uses it later as an index into an array of function pointers. If this value is over 128 the process can be made to call a pointer outside the array. This can be leveraged to execute arbitrary code under the context of the user running the applet.

tags | advisory, java, remote, arbitrary
advisories | CVE-2010-0842
MD5 | 9fd6e30cc0ef1a6981a17b3af20230a4
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
EU Wants To Build Its Own DNS Infrastructure With Built-In Filtering Capabilities
Posted Jan 21, 2022

tags | headline, government, dns
MPs Criticize Cyber Agency For Not Aiding China Rights Group After It Was Hacked
Posted Jan 21, 2022

tags | headline, government, britain, china, denial of service, cyberwar
New York Mayor Adams To Receive First Paycheck In Cryptocurrency
Posted Jan 20, 2022

tags | headline, government, bank, cryptography
White Hat Hackers Returns $1 Million Stolen In Crypto Theft Disaster
Posted Jan 20, 2022

tags | headline, hacker, cybercrime, data loss
Red Cross Begs Attackers Not To Leak Stolen Data For 515k People
Posted Jan 20, 2022

tags | headline, hacker, privacy, data loss
Cheap Malware Is Behind A Rise In Attacks On Cryptocurrency Wallets
Posted Jan 20, 2022

tags | headline, malware, cybercrime, fraud, cryptography
Safari Is Apparently Failing To Respect Same Origin Policy
Posted Jan 19, 2022

tags | headline, privacy, phone, flaw, apple, safari
Microsoft Patches The Patch That Broke VPN
Posted Jan 19, 2022

tags | headline, privacy, microsoft, flaw, patch, cryptography
Crypto.com Says Alleged $15 Million Hack Was Just An Incident
Posted Jan 19, 2022

tags | headline, hacker, privacy, data loss, cryptography
Zoom Vulnerabilities Impact Clients, MMR Servers
Posted Jan 19, 2022

tags | headline, privacy, phone, flaw, google
View More News →
packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close