what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

Files from Chaouki Bekrar

First Active2010-05-14
Last Active2013-03-19
Mozilla Firefox nsHTMLEditRules Use-After-Free
Posted Mar 19, 2013
Authored by Nicolas Joly, Chaouki Bekrar, VUPEN, Jordan Gruskovnjak | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the XUL "nsHTMLEditRules::nsHTMLEditRules()" function when processing certain objects, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web
advisories | CVE-2013-0787
SHA-256 | f0d46293df9a00f2fa660f6e96989d985d27caaecef937c4a4865e96961181ee
Microsoft Windows GDI+ Size Handling Integer Overflow
Posted Apr 14, 2011
Authored by Nicolas Joly, Chaouki Bekrar, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the GDI+ library when parsing certain values within a EMF image file, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, web, overflow
systems | windows
SHA-256 | e9d976818013ca305eba57812572521d3237061c36f4c3f3f638dc81c1690983
Microsoft Office MSO Size Handling Integer Overflow
Posted Apr 14, 2011
Authored by Nicolas Joly, Chaouki Bekrar, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office. The vulnerability is caused by an integer overflow error in the MSO component when parsing certain values within an Office document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a malformed Office file (e.g. Word). Microsoft Office XP Service Pack 3 is affected.

tags | advisory, overflow
SHA-256 | 2d2ef1ad1bdc1ee43e992f908da55b1ea19d51d2bcabcf4e211f64a913e1e003
Adobe Shockwave DIRAPI Lctx Chunk Memory Corruption
Posted Feb 14, 2011
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by a memory corruption error in the "DIRAPI.dll" module when processing the "LCTX" chunk within a Director File, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page. Adobe Shockwave Player versions 11.5.9.615 and prior are affected.

tags | advisory, remote, web, arbitrary
SHA-256 | a14685bc6080babb1b766400a94d5de2768c47bc73bcd035cb57c90a363fe819
Microsoft Office Publisher "pubconv.dll" Array Indexing Vulnerability
Posted Dec 16, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error in "pubconv.dll" when processing a malformed value within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.

tags | advisory, remote, arbitrary
advisories | CVE-2010-2571
SHA-256 | 43aac8ed8976ed13ccda0e97861b2b3709629169f2556b198b2d482442b2cbaa
Microsoft Office Publisher Record Array Indexing Vulnerability
Posted Dec 16, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by an array indexing error when processing a malformed record within a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3955
SHA-256 | 603e49d5fa7011c1d086f935bb72cb2deb90d9588947988c40c05def92caa937
Microsoft Office Publisher Size Value Heap Corruption Vulnerability
Posted Dec 16, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a heap corruption error in "pubconv.dll" while trusting a size value from a Publisher document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.

tags | advisory, remote, arbitrary
advisories | CVE-2010-2569
SHA-256 | 591d6c511bb8a6f88dba0fe4856dfb099b7d1dc89c130d5503e1e15766321d24
Microsoft Office Publisher Memory Corruption Vulnerability
Posted Dec 16, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Publisher. The vulnerability is caused by a memory corruption error when handling malformed Publisher documents, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a malicious PUB file. Note: The Publisher file format is not publicly documented.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3954
SHA-256 | 346bc82297626beb2fbe7a81582c8835f6d44e92821bfd9f647b17eefd9bbb86
RealPlayer RA5 Data Handling Heap Overflow Vulnerability
Posted Dec 14, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling malformed RA5 files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, overflow, arbitrary
SHA-256 | 6f509b1f5017a3048fef78a085858a29e8d684c16251cd60c9024a686c3cdd00
RealPlayer RealMedia Data Handling Heap Overflow
Posted Dec 14, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered three critical vulnerabilities in RealPlayer. These vulnerabilities are caused by heap overflow errors when handling malformed RealMedia data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, overflow, arbitrary, vulnerability
SHA-256 | 3e744f583f0bb3a9b86c94fa386cfddbd0421f8807c4245fdcff1e5cb69a4a8b
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by an input validation error when processing certain elements in a Ghost record, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3242
SHA-256 | d6d6390958f92ed07b4d2c5e15709f7fef6986c9aa26a8f34895fff6fa8a4354
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a memory corruption error when processing certain structures in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3241
SHA-256 | f327f64d4ad3765c91e02905d2e170ad44625a785126eb2a47408a86a1f75273
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by an array indexing error when processing RealTimeData records in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3240
SHA-256 | b0394ee0714f4a34f6b77d22e6092fa129ef3339828fc4d78a16e527c76d1e80
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a memory corruption error when processing PtgExtraArray structures in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3239
SHA-256 | e19af2ec0d3533567d3a32477534781cf0b32cb325b298813a4c7f68630e574c
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a memory corruption error when processing a negative future function while parsing an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3238
SHA-256 | 60861b81f80faa96ebf71b0e4feafa3d933e780e764da294d28e82b3a3d8b8bf
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by an invalid pointer when processing malformed Merge Cell records in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3237
SHA-256 | 3119190982fe54a39aca06a34de7455412077534acde935d581e338f5cc88cb0
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by an array indexing error when processing certain records in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3236
SHA-256 | 7fe69e73e5b9a2dcbc7934bd67a9787b1b6728b3c3cb7099f0deb3b18e3ddcfa
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a dangling pointer when processing certain Formula records in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3235
SHA-256 | f45d18bff402a84ec127606ed71c3e215d68aad73e735a753adb18a2c89d1340
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a memory corruption error when parsing Formula Substream records in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3234
SHA-256 | a840ba3e65f9384d17d00a10223ca54bcd95ae3df4a850ba142552b66906113c
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a buffer overflow error when parsing Formula records in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-3231
SHA-256 | 62124a28b6d6782280dc4420c3f6f6aecba5bf44cecc5677eb70030926d60c00
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Word. The vulnerability is caused by a memory corruption when parsing certain data in a Word document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Word file.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3221
SHA-256 | 6f605a94866beb2d7e61953b8b8b2c368d2f75d0b1f997c1fd71c03fd1b9db1c
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Word. The vulnerability is caused by a heap overflow error when processing LVL structures in a Word document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Word file.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-3220
SHA-256 | bb74d0d766f0270b9b87c02ab5f5390ef28efd02610d0b1145c30e50cfe149c7
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Word. The vulnerability is caused by an array indexing error when processing BKF objects in a Word document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Word file.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3219
SHA-256 | 8b09cfc9c65f858f69e4206bdf31934990f7ae24ed2d5359b974b960d2705145
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Word. The vulnerability is caused by a heap overflow error when processing certain data in a Word document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Word file.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-3218
SHA-256 | 3daa252efc7dbd94986b9c167cbcab21ffccc6e44a849e2b84660d5095cf27c7
VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Word. The vulnerability is caused by the use of an invalid pointer when processing certain structures in a Word document, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Word file.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3217
SHA-256 | 0b81fc43ae55d8d6596ae2125fafd9b719d96585bf6c10fdb7b52a635954fcc0
Page 1 of 2
Back12Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close