Apple Intel HD 3000 graphics driver version 10.0.0 suffers from a local privilege escalation vulnerability.
3e5d2696bc6839ebf47fb06c0e42e065d3ee82398e3dd4e1241db80224bc448fWhitepaper called Security the Kernel via Static binary Rewriting and Program Shepherding. -
18ae1bdd7e29da68b73f1ee47eb588a934ffcd5e35aad3d0fc3709c3bac2a3e3Whitepaper called JIT Spraying and Mitigations.
4cab5c6fbd56d3ba89a93ebc1e12b7aaf0ce0db20ffa8503a2089d4b7cd8416eWhitepaper called Security Mitigations for Return-Oriented Programming Attacks.
41f3edf0bb4f700984a9301ce40e45539890331a9b270c62e5aff98dc0a80763Microsoft SRV2.SYS SMB negotiate ProcessID function table dereference exploit.
b6c3e6373f1220e76211f29f7ed7290793eecac9b6685d9f94f4fc054d2818e6Whitepaper called Evading network-level emulation.
d489c38435ff90e51abe56d25eade253c749f37d9416b3fe83c932c3e141b042Whitepaper called Generic Unpacking of Self-modifying, Aggressive, Packed Binary Programs.
3f05f130e949b1a5fbd06be19a49f90f6ff2127726c983f09433195a7f4d92adWhitepaper called Dynamic Data Flow Analysis via Virtual Code Integration (aka The SpiderPig case).
6b324a79b6cd6cf0551225d193153bc4bbe889c7a862c5f5da5bfdab9303ed6dRealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a heap corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.
d0b3de4e4ec1830bd5ba47b604c4bffbdf1436a14cbbabd5bde23e273d74a08cRealNetworks RealPlayer/RealOne Player/Helix Player all suffer from a memory corruption vulnerability in the handling of specially crafted .mov files. Successful exploitation may lead to code execution.
4bfd216b1b49b47a039fd1ba81f14f6a6960a86d3d640af7a0c59b9a7cbffd35A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists while decompressing skin files (.WMZ and .WMD) with malformed headers. During this process the malformed values are used to improperly calculate data which can later allow an attacker to execute code under the rights of the current user.
fd124b4813e7b30490ec09a758f257012e9680c1e061030a378bc39967915936A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows Media Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of malformed skin files (WMZ). A size compressed / decompressed size mismatch can result in an under allocated heap buffer which can be leveraged by an attacker to eventually execute arbitrary code under the context of the current user.
b1220ae8595b89a835ea943c02322c926f4b05d24b18cc55feca92be395049d8Gaara virus disinfector type 2 for the TI-89.
c46a539d643fc30ff3478167bae29e7253581e2f89e76263868c198af95635cdGaara virus disinfector type 1 for the TI-89.
5002b3c671866ead144a18c3b95a917630f242e0feae1773607598b790fa952cGaara is world's first resident entry-point-obscuring virus for ti89 Titanium calculators. Written fully in Motorola 68K assembly. For educational purposes only.
aa998ae04814d1ea2b39e6c48d02662c8a362c312cc066a3221330cfb51f3e3fAOL Nullsoft Winamp S3M module IN_MOD.DLL suffers from a remote heap memory corruption vulnerability.
62c7089a210a961924687feeaecb2d8f45d356c6618343979cdf2e6263bc2408AOL Nullsoft Winamp IT module IN_MOD.DLL suffers from a remote heap memory corruption vulnerability.
ec53e58f8c028f8f14c1da28ca3065b2f404fc1f2b74d3299ebee212af2cfb80AOL Nullsoft Winamp version 5.33 suffers from a remote memory corruption vulnerability in LIBSNDFILE.DLL.
8c9cb6b56343774b51dbb918881f81896824d95b2c2ffad5ba9580c6bda4cd96Apple QuickTime player version 7.1 on Windows suffers from a remote heap overflow vulnerability.
65da3ab8f46f0b132528896188ac81e77e60eee67849338401fb5ac40456b761Adobe Reader versions 7.0.8 and below suffer from a remote heap memory corruption vulnerability.
7fefcb2fb637ae16fe9ea6a212555de6f4a6f5f1f3c7d0e4153b45c993094fcbThe Apple QuickTime Player H.264 Codec suffers from a remote integer overflow.
5ea34f1a02017755ab163173409e709d33150801387d77325edd97397697b054When Kadu receives large number of image send requests from an attacker it crashes. POC included.
078f627886f63f76f4b0851af9039d6c9d677d85ffa4eff8b96da3b19082bc7cDisit is a new open source disassembler engine.
7aceb71d9143184a945084ed93d86e101db05cbb842250649377f0303dc4d23dApple QuickTime PictureViewer is reported prone to remote memory overwrite vulnerability (exploitable via remotely originated content). Expansion of compressed PICT data could exceed the size of the destination buffer, this cause an memory overwrite. The vulnerability may lead to remote code execution when specially crafted picture file (PICT file) is being loaded. Software affected: QuickTime package 7.0.1 for Mac OS X 10.3, QuickTime package 7.0.1 for Mac OS X 10.4, QuickTime package 6.5.2 for Mac OS X 10.3, QuickTime package 6.5.2 for Mac OS X 10.2, QuickTime package 7x for Windows.
3b036f60cdfd01972d16163f01c31f694e97731c38b410af970ba5984b080fa5Apple QuickTime Player is reported prone to remote denial of service attack (exploitable via remotely originated content). A missing movie attribute is interpreted as an extension, but the absence of the extension is not flagged as an error, resulting in a de-reference of a NULL pointer. This will cause a denial of service against any application loading remotely-originated content. Software affected: QuickTime package 7.0.1 for Mac OS X 10.3, QuickTime package 7.0.1 for Mac OS X 10.4, QuickTime package 6.5.2 for Mac OS X 10.3, QuickTime package 6.5.2 for Mac OS X 10.2, QuickTime package 7x for Windows.
78f76c0519c801a0dfe0a4623f3d5c7c7bcc6623dc6b84d531c8fc2e896f1c67
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed