exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files from Behzad Najjarpour Jabbari

First Active2015-10-26
Last Active2018-07-20
Oracle Outside In 8.5.3 Denial Of Service
Posted Jul 20, 2018
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in Oracle Outside In Technology, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service). An error in the vsxl5.dll when processing GelFrame objects can be exploited to cause a out-of-bounds read memory access. An integer underflow error in the vsxl5.dll can be exploited to cause an out-of-bounds read memory access. An error when processing "Body" element of HTML file can be exploited to cause a null pointer dereference. An error within the "readChartStyles()" function (vswk6.dll) can be exploited to cause a null pointer dereference. An error in the vswk6.dll can be exploited to cause an out-of-bounds read memory access. An error within the "readChartStyles()" function (vswk6.dll) can be exploited to trigger an infinite loop. An error within the vswk6.dll can be exploited to disclose uninitialized memory or cause a crash. Another error within the vswk6.dll can be exploited to disclose uninitialized memory or cause a crash. Another error within the vswk6.dll can be exploited to disclose uninitialized memory or cause a crash. Another error within the vswk6.dll can be exploited to disclose uninitialized memory or cause a crash. The vulnerabilities are confirmed in version 8.5.3. Other versions may also be affected.

tags | advisory, denial of service, vulnerability
advisories | CVE-2018-2992, CVE-2018-3009, CVE-2018-3093, CVE-2018-3094, CVE-2018-3095, CVE-2018-3096, CVE-2018-3097, CVE-2018-3098, CVE-2018-3103, CVE-2018-3104
SHA-256 | 473015367ef0eea0a25f5af5e93b268a8c2b94f4c278fb37d6fab71b2071ad79
Oracle Outside In 8.5.3 Heap-Based Buffer Overflows / OOB Write
Posted Jul 20, 2018
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in Oracle Outside In Technology, which can be exploited by malicious people to compromise a vulnerable system. An error within the "VwStreamRead()" function (vsdrw.dll) can be exploited to cause a heap-based buffer overflow. A boundary error in the vsxl5.dll can be exploited to cause a heap-based buffer overflow. Another boundary error in the vsxl5.dll can be exploited to cause a heap-based buffer overflow. An integer underflow error within the "VwStreamOpen()" function (vswk6.dll) can be exploited to cause an out-of-bounds write memory access. The vulnerabilities are confirmed in version 8.5.3. Other versions may also be affected.

tags | advisory, overflow, vulnerability
advisories | CVE-2018-3010, CVE-2018-3092, CVE-2018-3099, CVE-2018-3102
SHA-256 | 6083d4b0f7e6c245ac2afcefff040394406e2fbaf871dd15e639d6e22aa2d867
Oracle Outside In Technology 8.5.3 Use-After-Free
Posted Apr 26, 2018
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Oracle Outside In Technology, which can be exploited by malicious people to compromise a vulnerable system. Version 8.5.3 is affected.

tags | advisory
advisories | CVE-2018-2806
SHA-256 | 6b1d3b5b8e9640b261be0265a0c6d2b4ae818f1b9f7a7e93a4b5f90930af4f8f
Oracle Outside In 8.5.3.0 Denial Of Service
Posted Nov 21, 2017
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Oracle Outside In, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the vstif6.dll, which can be exploited to cause an out-of-bounds write memory access. The vulnerability is confirmed in version 8.5.3.

tags | advisory, denial of service
advisories | CVE-2017-10051
SHA-256 | 0bb128f0ffb554a5ec684f320f0107962750c13a805e277aeb88e4558151e774
Oracle Outside In VSDX 8.4.0 / 8.5.1 / 8.5.2 / 8.5.3 Use-After-Free
Posted Jan 28, 2017
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Oracle Outside In, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a use-after-free error within the vsvsdx.dll when processing PageHeight and PageWidth values of VSDX file, which can be exploited to corrupt memory via a specially crafted VSDX file. Successful exploitation may allow execution of arbitrary code. Versions 8.4.0, 8.5.1, 8.5.2, and 8.5.3 are affected.

tags | advisory, arbitrary
advisories | CVE-2017-3266
SHA-256 | 9697a7c849f39a13926892d6b471d55b1281d9096e5b8186ba951919119c04ab
Microsoft Windows Type 1 Font Processing Privilege Escalation
Posted Dec 15, 2016
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the win32k.sys when processing Type 1 fonts, which can be exploited to trigger a NULL pointer dereference and subsequently cause a kernel crash or gain elevated privileges via a specially crafted PFB font. The vulnerability is confirmed on a fully patched Windows 7 Professional (win32k.sys version 6.1.7601.23545).

tags | advisory, denial of service, kernel, local
systems | windows
advisories | CVE-2016-7259
SHA-256 | b6b7d487b13f5974b1d680b4b3cd014162b94a54fd298adb9eb15a3d0cdaa57b
Oracle Outside In GetTxObj() Use-After-Free
Posted Nov 10, 2016
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Oracle Outside In, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a use-after-free error within the "GetTxObj()" function (vsflw.dll), which can be exploited to corrupt memory via a specially crafted PRZ file. Successful exploitation may allow execution of arbitrary code. Oracle Outside In versions 8.4.0, 8.5.1, 8.5.2, and 8.5.3 are affected.

tags | advisory, arbitrary
advisories | CVE-2016-5574
SHA-256 | 2914cbdd4b457ca4d8242168827399762469f8bf788d8cf4f0710b5fe8753b51
Oracle Outside In VwStreamRead() Buffer Overflow
Posted Nov 10, 2016
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Oracle Outside In, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "VwStreamRead()" function (vssdw.dll), which can be exploited to cause a heap-based buffer overflow via a specially crafted SDW file. Successful exploitation may allow execution of arbitrary code. Oracle Outside In versions 8.4.0, 8.5.1, 8.5.2, and 8.5.3 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2016-5558
SHA-256 | 78350c71c5f276b3da2aa8e819d6553d9cb28796c9ee72b50e2724bca05b1a3c
Reprise License Manager "akey" Buffer Overflow
Posted Jul 26, 2016
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research have discovered a vulnerability in Reprise License Manager (RLM), which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when handling the "akey" POST parameter related to /goform/activate_doit, which can be exploited to cause a stack-based buffer overflow via a specially crafted HTTP request. Successful exploitation of the vulnerability may allow execution of arbitrary code. Affected include Reprise License Manager versions 12.0BL2, 12.1BL2, and 12.1BL3.

tags | advisory, web, overflow, arbitrary
SHA-256 | 7a44242e9092cfe02efcb8529b1f73b1e9b385b7c89ec38c3ff1c23127ffddbb
Reprise License Manager "actserver" Buffer Overflow
Posted Jul 26, 2016
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research have discovered a vulnerability in Reprise License Manager (RLM), which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when handling the "actserver" POST parameter related to /goform/activate_doit, which can be exploited to cause a stack-based buffer overflow via a specially crafted HTTP request. Successful exploitation of the vulnerability may allow execution of arbitrary code. Affected includes Reprise License Manager version 12.0BL2.

tags | advisory, web, overflow, arbitrary
SHA-256 | b433828c96e1b1a9650594e28bf347b845408926a31f2dc471d4d2c8904dabf6
Oracle Outside In Buffer Overflow
Posted Oct 26, 2015
Authored by Secunia, Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered two vulnerabilities in Oracle Outside In Technology, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise an application using the SDK. An error in the vstga.dll when processing TGA files can be exploited to cause an out-of-bounds write memory access. An error in the libxwd2.dll when processing XWD files can be exploited to cause a stack-based buffer overflow. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. Oracle Outside In versions 8.5.0, 8.5.1, and 8.5.2 are affected.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2015-4877, CVE-2015-4878
SHA-256 | 4ed653941f8a16749d3b9b610f5f0203e8ff2d471eb0c5b330fb01af85a0c3bd
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close