Linux suffers from broken locking in TIOCSPGRP that can lead to a corrupted refcount.
Three use-after-free proof of concept exploits for Flash.
A use-after-free bug exists while setting the TextFilter.filters array.
There is a use-after-free issue if the scale9Grid setter is called on an object with a member that then frees the display item. This issue occurs for both MovieClips and Buttons and needs to be fixed in both classes.
This is an OOB read vulnerability when processing the SCRIPTDATASTRING object in an FLV file.
Researchers have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files.
Researchers have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files.
If a watch is set on the childNodes object of an XML object, and then the XML object is manipulated in a way that causes its child nodes to be enumerated, the watch will trigger. If the function in the watch deletes all the child nodes, the buffer containing the nodes will be deleted, even though the original function will still access it when it unwinds. This can lead to a childNodes array in ActionScript containing pointers that can be specified by an attacker.
Researchers have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files.
There is a use-after-free in attachMovie due to the initObject. If the initObject contains an object that calls a method that deletes the movie clip that is being attached, a use-after-free occurs.
Researchers have encountered a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file.
There are use-after-frees related to storing a single pointer (the this pointer) in several MovieClip drawing methods, including beginFill, beginBitmapFill, beginGradientFill, lineGradientStyle, lineTo, moveTo, curveTo and lineStyle.
Snare for Linux suffers from a cross site request forgery vulnerability due to a poor implementation of the ChToken. All versions prior to 1.7.0 are vulnerable.
Snare for Linux suffers from a cross site scripting vulnerability via log injection. All versions prior to 1.7.0 are vulnerable.
Oracle MySQL version 5.5.19-log on SuSE Linux suffers from a denial of service vulnerability.
Oracle MySQL on Linux suffers from a vulnerability that allows an attacker to add a new admin user.
Oracle MySQL on Linux suffers from a heap overrun vulnerability.
Testtrack for Linux suffers from a race condition vulnerability.
Mathematic7 on Linux suffers from a symlink attack vulnerability. Update for 2011-01-03 - Version 8 is also vulnerable.
Debian GNU/Linux suffers from an XTERM DECRQSS weakness that allows for remote code execution as the user id viewing the content.
Goolag Scanner version 1.0. This tool has been released by the Cult of the Dead Cow to automate Google hacking using 1,500 predefined search queries.
The RSA KEON Registration Authority Web Interface suffers from multiple cross site scripting vulnerabilities. Version 1.0 is susceptible.
SurgeFTP version 2.3a1 Linux suffers from a cross site scripting vulnerability.
SurgeFTP version 2.3a1 Linux suffers from a denial of service condition in its mirror mechanism.
SurgeMail version 3.7b8 Linux suffers from a format string vulnerability.
Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious content to bypass HTTP content scanning systems. Systems affected include Checkpoint Web Intelligence and IBM ISS Proventia Series systems.