exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

Google Chrome 103.0.5060.53 network::URLLoader::NotifyCompleted Heap Use-After-Free
Posted Oct 3, 2022
Authored by Google Security Research, Glazvunov

Google Chrome version 103.0.5060.53 (Official Build) and Chromium version 105.0.5148.0 (Developer Build) (64-bit) suffer from a network::URLLoader::NotifyCompleted heap use-after-free vulnerability.

tags | exploit
advisories | CVE-2022-3038
SHA-256 | 0a0cfa991a833e133ec250fb094a0a8fff51e2ddc48df648d1193d2e2686ead0

Related Files

Google Chrome Cross Site Scripting Protection Bypass
Posted May 26, 2011
Authored by Manuel Fernandez

A bypass vulnerability has been discovered in the Google Chrome cross site scripting filter.

tags | exploit, xss, bypass
SHA-256 | b886bd58cbc97af25ae7bfe032c24f90a0af6592e1298754105810d537a22a39
Secunia Security Advisory 44678
Posted May 25, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 3c5fde1929cc78f8310fb171a37fcc12487b03321c43fb7e87ce6832e46a725b
ChromeMedia SQL Injection
Posted May 24, 2011
Authored by Kalashinkov3

ChromeMedia suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 01493938394e0b17f9e89ff245a6bfa7e5bcfbd008998c2a913637a23baa26aa
Secunia Security Advisory 44591
Posted May 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 47bf67b8f1cc9f9f88a4e8929bef53d141c7024127e4763a96ea6328aa133a21
Mandriva Linux Security Advisory 2011-079
Posted Apr 30, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-079 - Chris Evans of the Chrome Security Team reported that the XSLT generate-id() function returned a string that revealed a specific valid address of an object on the memory heap. It is possible that in some cases this address would be valuable information that could be used by an attacker while exploiting a different memory corruption but, in order to make an exploit more reliable or work around mitigation features in the browser or operating system. Various other issues were also addressed.

tags | advisory, protocol
systems | linux, windows, mandriva
advisories | CVE-2011-1202, CVE-2011-0071, CVE-2011-0076, CVE-2011-0067, CVE-2011-0065, CVE-2011-0066, CVE-2011-0073, CVE-2011-0081, CVE-2011-0069, CVE-2011-0070, CVE-2011-0080, CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0072
SHA-256 | 1c95ea9cdefc67e8ee438446205a5ef410e3cfc12f3fd1aea55221701e09723d
Secunia Security Advisory 44375
Posted Apr 28, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct spoofing attacks, and potentially compromise a user's system.

tags | advisory, spoof, vulnerability
SHA-256 | 5c56aba1f06ba83ef23a4b1c2183d7e60fb3b5bf39a4240549d045d2437aa3b0
Google Chrome 10.0.648.205 Stack Overflow
Posted Apr 18, 2011
Authored by C4SS!0 G0M3S

Google Chrome version 10.0.648.205 stack exhaustion exploit.

tags | exploit
SHA-256 | 82d6dc22eadb26bdd8279068c3bbf816cda86c79a4185c6e44c2d3edaa340479
Secunia Security Advisory 44141
Posted Apr 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 877f2db93bcc46a32f3697d123e7c695c5acaa42d8d051a6b76694aa6348d629
Mandriva Linux Security Advisory 2011-061
Posted Apr 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-061 - oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted file that triggers an infinite loop. The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted AVI file that triggers a divide-by-zero error. Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read. flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. Fix memory corruption in WMV parsing. libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service via a crafted.ogg file, related to the vorbis_floor0_decode function. Multiple buffer overflows in vorbis_dec.c in the Vorbis decoder in FFmpeg, as used in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted WebM file, related to buffers for Fix heap corruption crashes. Fix invalid reads in VC-1 decoding. And several additional vulnerabilities originally discovered by Google Chrome developers were also fixed with this advisory. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-4632, CVE-2009-4633, CVE-2009-4634, CVE-2009-4635, CVE-2009-4636, CVE-2009-4639, CVE-2009-4640, CVE-2010-3429, CVE-2010-3908, CVE-2010-4704, CVE-2011-0480, CVE-2011-0722, CVE-2011-0723
SHA-256 | d6c3a6eef98903a7ea2ba82b2d03e09f18e14c6a66027b06acba91c42c4f166e
Mandriva Linux Security Advisory 2011-060
Posted Apr 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-060 - oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted AVI file that triggers a divide-by-zero error. Array index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read. flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an arbitrary offset dereference vulnerability. libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service via a crafted.ogg file, related to the vorbis_floor0_decode function. And several additional vulnerabilities originally discovered by Google Chrome developers were also fixed with this advisory.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-4632, CVE-2009-4633, CVE-2009-4634, CVE-2009-4635, CVE-2009-4639, CVE-2009-4640, CVE-2010-3429, CVE-2010-4704
SHA-256 | 72bda34e1a85cce233e9d75d74936eddfb6b008e8d850ac1e6308d2a939ee87b
Mandriva Linux Security Advisory 2011-059
Posted Apr 1, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-059 - Multiple integer underflows in FFmpeg 0.5 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that bypasses a validation check in vorbis_dec.c and triggers a wraparound of the stack pointer, or access a pointer from out-of-bounds memory in mov.c, related to an elst tag that appears before a tag that creates a stream. FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted MOV container with improperly ordered tags that cause utils.c to use inconsistent codec types and identifiers, which causes the mp3 decoder to process a pointer for a video structure, leading to a stack-based buffer overflow. The av_rescale_rnd function in the AVI demuxer in FFmpeg 0.5 allows remote attackers to cause a denial of service via a crafted AVI file that triggers a divide-by-zero error. And several additional vulnerabilities originally discovered by Google Chrome developers were also fixed with this advisory. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-4634, CVE-2009-4635, CVE-2009-4639
SHA-256 | 0a8a1f1e04b5536ef974768d7446ef1b4f3284aa9b838d04fa6ef7005a46de35
Secunia Security Advisory 43859
Posted Mar 26, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 037eb30fe40d79880c078a0e1e7c21860518c5425fd7f3169145f3a9c7c6f6c8
Secunia Security Advisory 43519
Posted Mar 19, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, where some have an unknown impact while others can be exploited to conduct spoofing attacks, disclose sensitive information, and potentially compromise a user's system.

tags | advisory, spoof, vulnerability
SHA-256 | ec0f94ec4cdbcce129001b69a67c0ec3311e2766ac832f36b98bed20be697b78
Secunia Security Advisory 43748
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | df66275207c738d2f12c12599f66db6bb8a92677733d88957f881cee9e84bc1f
Secunia Security Advisory 43757
Posted Mar 15, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | e26da98bc59a24e494f19c3d15d2c9d5cd845d85f47743943142cab46272fd00
Ubuntu Security Notice USN-1050-1
Posted Mar 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1050-1 - Multiple vulnerabilities have been addressed in the thunderbird package. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. Roberto Suggi Liverani discovered a possible issue with unsafe JavaScript execution in chrome documents. A malicious extension could exploit this to execute arbitrary code with chrome privileges. Jordi Chancel discovered a buffer overflow in the JPEG decoding engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program.

tags | advisory, overflow, arbitrary, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-1585, CVE-2011-0053, CVE-2011-0061, CVE-2011-0062
SHA-256 | 8836e577ee50f8d9c44c673cd6c2023b5e0e25863e404007a67ab72883b61ce8
Secunia Security Advisory 43021
Posted Feb 10, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 1562abbb6725c4afaec2bd82d202924c6b13dd81977fa41b390864ec65573daf
Secunia Security Advisory 43193
Posted Feb 4, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some weaknesses and vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions and potentially compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 4d2c717d68a0391e183e2a1578115110367ef3a896d939b982902e5ccf2625cb
Google Chrome 8.0.552.237 Denial Of Service
Posted Jan 31, 2011
Authored by Carlos Mario Penagos Hollmann

Google Chrome version 8.0.552.237 .replace denial of service exploit.

tags | exploit, denial of service
SHA-256 | e0e27ad66fa3fe826ce6313c2a4f887fc4c3fe694a5833b340314ecc03d61f28
Google Chrome 8.0.552.237 Denial Of Service
Posted Jan 18, 2011
Authored by Vuk Ivanovic

Google Chrome version 8.0.552.237 address overflow denial of service exploit.

tags | exploit, denial of service, overflow
SHA-256 | 86e3260fd5f3b7844a252c40b35510d18e827ddf85b9df2ba6bfe2a3b4b2a2ff
Secunia Security Advisory 42850
Posted Jan 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to manipulate certain data and potentially compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 9f30379b1ba478ff26a019437801670d5ae5d7cdcb040b4d1e17bc4a671235ee
Ubuntu Security Notice USN-1043-1
Posted Jan 13, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1043-1 - It was discovered that a NULL pointer dereference in the code for handling transformations of monochrome profiles could allow an attacker to cause a denial of service through a specially crafted image.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2009-0793
SHA-256 | c62d421109160a585ae86d275e76b940f16932fb458022649ae1182da46a022e
Alternative JVM Exploit - Exploiting JVM On Chrome
Posted Jan 5, 2011
Authored by Legion Of XTRemers

Whitepaper called Alternative JVM Exploit - Exploiting JVM On Chrome.

tags | paper
SHA-256 | 7e227fd602969d05eea978eafa822da092f7099bb8ce85f5bd1026d9c8aa97df
Mandriva Linux Security Advisory 2010-251-2
Posted Dec 25, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-251 - Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. An attacker could use this bug to spoof the location bar and trick a user into thinking they were on a different site than they actually were. Mozilla security researcher moz_bug_r_a4 reported that the fix for could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges. Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. Various other security issues were addressed in Firefox.

tags | advisory, overflow, arbitrary, spoof, javascript
systems | linux, mandriva
advisories | CVE-2010-3770, CVE-2010-3774, CVE-2010-3773, CVE-2010-3767, CVE-2010-3766, CVE-2010-3775, CVE-2010-3768, CVE-2010-3772, CVE-2010-3771, CVE-2010-3769, CVE-2010-3776, CVE-2010-3777
SHA-256 | d819a50e787340febec4c69fbf5ea3dad7d69ed9850f29dd083c8b955fddbc88
Secunia Security Advisory 42605
Posted Dec 21, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.

tags | advisory, denial of service, vulnerability
SHA-256 | d24ed18a500a1a41b034b08f12613e4e46934257fe66a4fd003a84460ce8719b
Page 3 of 4
Back1234Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close