A heap corruption vulnerability has been found in the Citrix XML Service of XenApp and XenDesktop which is installed on every server used for sharing applications. Successful exploitation allows arbitrary code execution on the server running the XML service.
a967d2b7f8fefd73301e6eaf2dfb4c514e1473ca7edba87c15475fe6dc0abe7elaunchd suffers from a heap corruption vulnerability due to incorrect rounding in launch_data_unpack.
5728e5ebf948c4d9fcd1bcdca177b71ce40167df17cbb2d5d1900427d642880fTrojan-Proxy.Win32.Symbab.o malware suffers from a heap corruption vulnerability.
d87eadfc59cb93da41ff57f425f1d203ea3db932253b3a8c23cde42e7b31c47cBackdoor.Win32.Agent.sah malware suffers from a heap corruption vulnerability.
9bd7d625393c123503e2aacbba917dba574c419749f4f776de7c51f373105884Backdoor.Win32.LanaFTP.k malware suffers from a heap corruption vulnerability.
5fcc42211515bab2781a60422bcf2329b80f6fb504e0d97e4296e185b79579d5Virus.Win32.Shodi.e malware suffers from a heap corruption vulnerability.
e5992ed5886d827c3b902f3c357da73a453ca8caafc54ce4c28cd1746fa34680Red Hat Security Advisory 2021-2591-01 - EDK is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI firmware for QEMU and KVM. Issues addressed include a heap corruption vulnerability.
063296efe6ec4ddecef8d49f7c83574f5883cb0e1c3061e0abcb882bf3db323fThere is a heap corruption bug that can occur when QT processes a malformed TIFF image. It happens because the size of the QImageData backing the image is calculated is calculated using the format of the image, meanwhile TIFFReadScanline calculates the length to be read based on TIFFScanlineSize, which determines the size base on three tags in the TIFF file, width, samples per pixel and bits per sample.
765990ea3bd9f2c14232bcfa3535efba165c1990d1e7949df33a649783e33d0bBackdoor.Win32.NetSpy.10 malware suffers from a heap corruption vulnerability.
40b0ad730bc229a47ab2cc59e18aa1563785c0fe02e126f3084c40235157b48dBackdoor.Win32.Agent.gmug malware suffers from a heap corruption vulnerability.
88399c2d9a4a3ecb689286c86845703121ea80b4bbcb96466285c0b81ea351eaBackdoor.Win32.Agent.afq malware suffers from a heap corruption vulnerability.
f46ad9d6ff8413bc6b571690fc3661a3308a61b6a2b3b6ba4da2b61e6ce40019Trojan.Win32.Cafelom.bu malware suffers from a heap corruption vulnerability.
c495636b818cd7c3b7660d9376094f54b60fc76dab0d98070462b30ed384dc61Gnome Fonts Viewer version 3.34.0 suffers from a heap corruption vulnerability.
b4cad54e554bbab9f8d624efd6e9178670861a574b49852d72899b50251f5294Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in MakeFormat12MergedGlyphList.
9ad072537e464902161bb1d614b4ef7d91d6dfd438e7a9b6bda50e71f2ad8176Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadAllocFormat12CharGlyphMapList.
13242e827b1f0a3ff93c57d1a71e5f493fc85117660e0d5e79eebecfaf18ab70Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadTableIntoStructure.
544427667509a091f6d7efe745438ad65a9a17d6c0bfcf266fd3e755022d8081Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in FixSbitSubTables.
f46d17c954f6e94d032c69f8511236395dead5379f423b21f856132b36934f44A heap corruption was observed in Oracle Java Runtime Environment version 8u202 (latest at the time of this writing) while fuzz-testing the processing of TrueType fonts.
3c3d35dfc5426eaa61ae91b3e754f6e09c909445eb2f9484504d724fdedd1db5A heap corruption was observed in Oracle Java Runtime Environment version 8u202 (latest at the time of this writing) while fuzz-testing the processing of TrueType, implemented in a proprietary t2k library.
cc1fdb072ca05f2a5b04c3cb9301fdc0fce66245b901c57e61aba6f76f5054ecThere is a heap corruption vulnerability in VCPDecompressionDecodeFrame which is called by FaceTime. This bug can be reached if a user accepts a call from a malicious peer.
1bd312f7b4a101fec53ac225a7f3d6e0201421a8aa365cfae0b3c2da6c90a236WhatsApp suffers from a heap corruption vulnerability in RTP processing.
e053dae6b5c926d9d1c66aa29e059009fecb9861a5a9937ccd1fa50f7ffcea53Debian Linux Security Advisory 4154-1 - A heap corruption vulnerability was discovered in net-snmp, a suite of Simple Network Management Protocol applications, triggered when parsing the PDU prior to the authentication process. A remote, unauthenticated attacker can take advantage of this flaw to crash the snmpd process (causing a denial of service) or, potentially, execute arbitrary code with the privileges of the user running snmpd.
c2fdf78354d35abec9941075f6a4273bb1213ca58a281c089f7c7f2f8527420aThe Microsoft MsMpEng mpengine x86 emulator suffers from a heap corruption vulnerability in VFS API.
46362a2418387131b284b6f99ffbd92b63a52b28cf6850b31bc0119ebc171b9fAdobe Flash suffers from a heap corruption vulnerability in the ATF parser.
aa2b6fd4f44a098e6ecba7504988e0d89a5e75e3bc29a11c164bf7ac741679b8Apple MacOS NSUnarchiver suffers from a heap corruption vulnerability due to lack of bounds checking in [NSBuiltinCharacterSet initWithCoder:].
e2849820975ba9e34e34473279ce9b4842b59d2332429f539fffbd8657173888Adobe Flash suffers from a heap corruption vulnerability in the margin handling.
19f24cf279fd2e72d032220c5d8428c8270508c3c25f9006996eac40ba0cc4ad
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed