exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-060
Posted Apr 6, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-060 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the handling of MixerSequencer objects. When this object is used to play a MIDI file, the GM_Song structure is populated with song data. In particular, it stores a integer value from the file and uses it later as an index into an array of function pointers. If this value is over 128 the process can be made to call a pointer outside the array. This can be leveraged to execute arbitrary code under the context of the user running the applet.

tags | advisory, java, remote, arbitrary
advisories | CVE-2010-0842
MD5 | 9fd6e30cc0ef1a6981a17b3af20230a4
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Apple Drops Hong Kong Police Tracking App Used By Protesters
Posted Oct 10, 2019

tags | headline, government, phone, china, cyberwar, apple
Forum Cracks The Vintage Passwords Of Ken Thompson And Other Unix Pioneers
Posted Oct 10, 2019

tags | headline, password
Ransomware Gang Uses iTunes Zero-Day
Posted Oct 10, 2019

tags | headline, hacker, virus, fraud, flaw, patch, apple, zero day
Human Rights Activist Allegedly Targeted With NSO Malware
Posted Oct 10, 2019

tags | headline, government, privacy, cyberwar, spyware
Court Finds FBI Use Of NSA Database Violated Americans' 4th Amendment Rights
Posted Oct 9, 2019

tags | headline, government, privacy, usa, data loss, spyware, fbi, nsa
Cookie Monster Eats Data From Sesame Street Store
Posted Oct 9, 2019

tags | headline, hacker, cybercrime, data loss, fraud, backdoor
iOS 13 Tells You When Apps Are Secretly Tracking You
Posted Oct 9, 2019

tags | headline, privacy, phone, spyware, apple
Twitter Sold User Security Information To Advertisers
Posted Oct 9, 2019

tags | headline, privacy, data loss, twitter
Trump's Syria Move Blindsides National Security Leaders
Posted Oct 8, 2019

tags | headline, government, usa, turkey, terror, syria
D-Link Gear Open To Remote Takeover Will Remain Unpatched
Posted Oct 8, 2019

tags | headline, flaw, patch
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close