exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 115 RSS Feed

Files from VUPEN

Email addressadvisories at vupen.com
First Active2010-10-15
Last Active2014-07-16
Oracle Java Font Processing "maxPointCount" Heap Overflow
Posted Oct 25, 2012
Authored by VUPEN, Florent Hochwelker | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Oracle Java. Versions JRE/JDK 7u7 and below are affected. The vulnerability is caused by a heap overflow error within the "t2k.dll" component when processing a malformed "maxPointCount" field within a Font, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, java, remote, web, overflow
SHA-256 | d9af8230d41a685d5e7bb40755a541e997054f9dc783a564ea76685d82b0f2cd
Microsoft Internet Explorer OnMove Use-After-Free
Posted Oct 24, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Microsoft Internet Explorer versions 8 and 9. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing certain "onMove" events, which could allow remote attackers the ability to execute arbitrary code via a specially crafted web page.

tags | advisory, remote, web, arbitrary
SHA-256 | 85f55c391fa51f8db9e2ea2e5872c2b57c06a40ec881bb2bd591e58f9ae0baad
Microsoft Internet Explorer "scrollIntoView" Use-After-Free
Posted Oct 24, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Microsoft Internet Explorer versions 8 and 9. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing certain "scrollIntoView" events, which could allow remote attackers the ability to execute arbitrary code via a specially crafted web page.

tags | exploit, remote, web, arbitrary
systems | windows
SHA-256 | f1a197c1783c02ee319890a13237b275d13b69b33b95c58bfe6caca575473a2c
Mozilla Firefox nsHTMLEditRules Remote Use-After-Free
Posted Sep 11, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error in the "setUserData()" method within the "nsHTMLEditRules" class, which could allow remote attackers execute arbitrary code via a specially crafted web page. Products affected include Mozilla Firefox versions prior to 15, Mozilla Firefox ESR versions prior to 10.0.7, Mozilla Thunderbird versions prior to 15, Mozilla Thunderbird ESR versions prior to 10.0.7, and Mozilla SeaMonkey versions prior to 2.12.

tags | advisory, remote, web, arbitrary
advisories | CVE-2012-3958
SHA-256 | b959bb054b031b5fb76ff256d6ea33e667b137e39e0b15d5f9ad08cc17dd93af
Microsoft Windows Common Controls MSCOMCTL.OCX Use-After-Free
Posted Sep 11, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft products. The vulnerability is caused by a use-after-free error in the "TabStrip" Control within the "MSCOMCTL.OCX" component, which could allow remote attackers execute arbitrary code via a specially crafted web page or malicious Office document. A large amount of products are affected.

tags | advisory, remote, web, arbitrary
advisories | CVE-2012-1856
SHA-256 | 83d4ac95b7df6d9d0e21446d37657b74bd6349ccb853b935fd08488698d5329f
Adobe Flash Player Matrix3D Integer Overflow Code Execution
Posted Sep 11, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an integer overflow error in the "copyRawDataTo()" method within the "Matrix3D" class when processing malformed arguments, which could allow remote attackers execute arbitrary code via a specially crafted web page. Adobe Flash Player versions 11.3.300.271 and prior are affected.

tags | advisory, remote, web, overflow, arbitrary
SHA-256 | d2ffa29681b8fc88e5a88e349eabd789a616bded95aa6af9e69538a75b01138c
Microsoft Internet Explorer Col Element Remote Heap Overflow
Posted Jun 20, 2012
Authored by Alexandre Pelletier, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a heap overflow error in the mshtml.dll module when processing "Col" elements, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2012-1876
SHA-256 | 58b473d4348bb610fc06c374fb2c748a08cf5103cd4a273b9e7f79bc45b2b21e
Microsoft Internet Explorer GetAtomTable Remote Use-After-Free
Posted Jun 20, 2012
Authored by VUPEN, Jordan Gruskovnjak | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the mshtml.dll module when processing GetAtomTable objects, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.

tags | advisory, remote, arbitrary
advisories | CVE-2012-1875
SHA-256 | 8e4efee72018e74d74bd0e481367967504569eb75b76d4050a7fef60ffc11887
Microsoft Internet Explorer CollectionCache Remote Use-After-Free
Posted Jun 20, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the mshtml.dll module when processing CollectionCache objects, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.

tags | advisory, remote, arbitrary
SHA-256 | e3d29879255e1ff2003388a8d7447ab0c086cfdc1cb25b9bc5b4605cfe1e6951
Adobe Flash Player NetStream Remote Code Execution
Posted Apr 19, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an invalid object being used when parsing a malformed video via "NetStream.appendBytes", which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP enabled.

tags | advisory, remote, arbitrary
advisories | CVE-2012-0773
SHA-256 | 9b4488d35212ce158b36f3b2eb967b148fddbf040de1f99a30ab5a53f3202ef4
Microsoft Internet Explorer VML Remote Code Execution
Posted Apr 18, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the "vgx.dll" component when processing certain VML behaviors, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, web
advisories | CVE-2012-0172
SHA-256 | b26b14f8e0513c5015cfa528b828f45892990e4d864673868941be4f05ba2bf9
Adobe Flash Player Matrix3D Remote Memory Corruption
Posted Mar 20, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.

tags | advisory, web
advisories | CVE-2012-0768
SHA-256 | cd2efadbb305725a418111b28128ed5c65004213052f530f752893ddaadc11f6
Adobe Acrobat / Reader Image Processing Integer Overflow
Posted Jan 12, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.

tags | advisory, overflow
SHA-256 | c94c13dce309f884bd280837f2c98fd26f4a3b8efdb37192552ad693c35c02fe
Microsoft Windows Time Behaviour Remote Use-After-Free
Posted Dec 19, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the "mshtml.dll" module when handling a specific Time behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web
systems | windows
SHA-256 | cba9bea32ea67c8da60c966ebfc113a9ade45175f2c308da67602f022e70e159
Microsoft Windows "datime.dll" Remote Code Execution
Posted Dec 19, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the TIME (datime.dll) module when loaded via a specific behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web
systems | windows
SHA-256 | 363771ff8fedc0e7c3eb4df5ff9a4fe0bc4f64c4b34e44157b5e85bbbd053e8e
Microsoft Windows Media Player DVR-MS Buffer Overflow
Posted Dec 19, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows Media Player. The vulnerability is caused by a buffer overflow error in the XDSCodec & Encypter/Decrypter Tagger Filters "ENCDEC.DLL" within Windows Media Player when processing certain fields within a DVR-MS (Digital Video Recording) file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page or a malicious ".dvr-ms" media file.

tags | advisory, remote, web, overflow
systems | windows
SHA-256 | abe71c0175b7a06c7b13a1c8e877a119177040e1b36f365f7231fe6642d78a92
Adobe Flash Player "SAlign" Memory Corruption
Posted Dec 19, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Adobe Flash Player. The vulnerability is caused by an uninitialized stack variable when processing an invalid "SAlign" property of the Flash ActiveX control, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Versions prior to 11.1.102.55 are affected.

tags | advisory, remote, web, activex
advisories | CVE-2011-2459
SHA-256 | 10561391d54ae2a2a00c408b11bdbca9246b41da1060d29b93367e7f6c836d46
Microsoft Internet Explorer X-UA-COMPATIBLE Use-After-Free
Posted Oct 21, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing the "X-UA-COMPATIBLE" keyword of a "META" tag, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web
SHA-256 | 48c8c110e7a16caf9bec75c333999b1e5148e63511b0674e0649301d7dfb1252
Google Chrome WebKit Engine Child Tag Deletion Stale Pointer
Posted Oct 7, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting certain child tags in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Google Chrome versions prior to 14.0.835.202 are affected.

tags | advisory, remote, web
SHA-256 | a76cbf6bdbee711ebfce8dc173c64df62c4636a89ebcd164f53aaf43db1e466f
Google Chrome WebKit Engine Ruby Tag Stale Pointer
Posted Oct 7, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting a Ruby tag and its children in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web, ruby
SHA-256 | f155029aeaa8cd2c97b5f87a4c567067ee56940483899fa350ddc410ece08479
Novell GroupWise Calendar BYWEEKNO Memory Corruption
Posted Sep 28, 2011
Authored by Alexandre Pelletier, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "ICalProcessYearlyRule()" function within the "gwwww1.dll" component when processing a malformed "BYWEEKNO" property in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.

tags | advisory, remote, overflow
SHA-256 | db76992fc18da1157668a6a0332cdb40c29764ed690037608ce8caa1dc451bd4
Novell GroupWise Calendar integerList Buffer Overflow
Posted Sep 28, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwIRecurParam::integerList()" function within the "gwwww1.dll" component when processing a malformed "RRULE" integer list in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.

tags | advisory, remote, overflow
SHA-256 | d697fda1f2bceeef87278e911dee69649d6ee0b25eb8e452101f1275579c8d3a
Novell GroupWise Calendar RRULE Remote Buffer Overflow
Posted Sep 28, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwIRecurByWeekdayParam::bywdaylist()" function within the "gwwww1.dll" component when processing a malformed "RRULE" property in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.

tags | advisory, remote, overflow
SHA-256 | e9739b7f115e53c739cde3bd056999eafde0be533a0e278ee536f5712c2718be
Novell GroupWise Calendar TZNAME Remote Buffer Overflow
Posted Sep 28, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "NgwiCalVTimeZoneBody::ParseSelf()" function within the "GWWWW1.dll" component when processing an overly long "TZNAME" variable in a Calendar, which could be exploited by remote unauthenticated attackers to compromise a vulnerable server via a specially crafted email message. Versions 8.0.2 SP2 Hot Patch 2 and below are affected.

tags | advisory, remote, overflow
SHA-256 | 0fb64ec06cda7f994892c85c8e9e82d31139cb63a4a29b85ddd54be492cda0fa
Microsoft Office Excel Formula Record Heap Corruption
Posted Sep 19, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a heap corruption error when processing malformed Formula records within an Excel document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted XLS document.

tags | advisory
SHA-256 | fea05647dde36d6873e65a4a370929a4399740a72e46e76f9aa3a5901033bd1f
Page 2 of 5
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close