Email address | private |
---|---|
First Active | 2008-09-15 |
Last Active | 2015-08-17 |
Various Comtrend routers suffer from cross site request forgery vulnerabilities.
e075f47c52d3263edf9bcad894a9d0275e22ef6410176b35861b5f4f4b21a56c
iDefense Security Advisory 02.24.09 - Remote exploitation of a invalid object reference vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user. During the processing of a Shockwave Flash file, a particular object can be created, along with multiple references that point to the object. The object can be destroyed and its associated references removed. However a reference can incorrectly remain pointing to the object. The invalid object resides in uninitialized memory, which the attacker may control to gain arbitrary execution control. iDefense has confirmed the existence of this vulnerability in latest version of Flash Player, version 9.0.124.0. Previous versions may also be affected.
780e892128d7d79681ecb9f2b0c8adb3af7430a9be41d1863f245d1dd740cf75
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file. The specific flaw exists within the parsing of PDF objects defined in the file. When a specific object becomes malformed, a small memory corruption occurs which can be leveraged by an attacker to execute arbitrary code under the context of the current user.
83fcb2c8b363aecd0f52b7d84c9897263d7250d4ee9f6957c6eadeeccb666437
Microsoft Windows is prone to a kernel-related denial of service condition due to the way srv.sys handles malformed WRITE_ANDX SMB packets. Metasploit exploit code included.
78155c1242238f3c779e439c47050b7f13096125447eda1e52928ce1ec4671a2