exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

iDEFENSE Security Advisory 2009-05-12.8
Posted May 13, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing the Notes container inside of the PowerPoint Document stream. This container is used to hold records related to notes that appear on the slides. By inserting a value into a container, it is possible to trigger a memory corruption vulnerability. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3, 2002 XP SP3, 2003 SP2, and 2003 SP3.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-1130
SHA-256 | 7f7588e5d20993d1557ddc70301247408570fff65a0c66bc08fa4e5e6d678106

Related Files

iDefense Security Advisory 10.12.11 - OfficeImport
Posted Oct 14, 2011
Authored by iDefense Labs, Tobias Klein | Site idefense.com

iDefense Security Advisory 10.12.11 - Remote exploitation of a memory corruption vulnerability in Apple Inc.'s OfficeImport framework could allow an attacker to execute arbitrary code with the privileges of the current user. iOS versions prior to 5 are vulnerable.

tags | advisory, remote, arbitrary
systems | cisco, apple
advisories | CVE-2011-3260
SHA-256 | 942d74f656f37c0e192a61cad927f560e615855d6d84fc3d9b682b994f4e47bf
iDefense Security Advisory 10.12.11 - MobileSafari
Posted Oct 14, 2011
Authored by iDefense Labs, Christian Matthies | Site idefense.com

iDefense Security Advisory 10.12.11 - Remote exploitation of a cross site scripting vulnerability in Apple Inc.'s MobileSafari could allow an attacker to view sensitive information in the context of the targeted domain. iOS versions prior to 5 are vulnerable.

tags | advisory, remote, xss
systems | cisco, apple
advisories | CVE-2011-3426
SHA-256 | f0c865bb1f976b089d902e9f7390f2f2ca0c59d60500b96ec2cbe3e73945e00c
iDefense Security Advisory 10.11.11 - Internet Explorer
Posted Oct 13, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 10.11.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when a Javascript event handler such as "onload" is set to a Javascript object's attributes or childNodes collection. A event object is created and this object's memory is later freed; however, a reference to the object remains. When the reference is later used to access the event object, this now-invalid memory is treated as a valid object. The corrupt object's vtable is used to make an indirect function call. This may result in the execution of arbitrary code. Microsoft Internet Explorer 6 is vulnerable.

tags | advisory, remote, arbitrary, javascript
advisories | CVE-2011-1997
SHA-256 | a4cc81d5475470608b44363a528ccde05f1dbe3da1d6719cf0e9b5d63761b2d0
iDefense Security Advisory 09.26.11 - Novell Groupwise Memory Corruption
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a memory corruption vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs weekly. Specifically, by using a negative integer for the BYWEEKNO property, it is possible to trigger a write operation beyond the bounds of an allocated heap buffer. This can lead to the corruption of memory, and the execution of arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2662
SHA-256 | c3a21b221a5ca43b424d4c87ecdc5132c8fd5e83be4966ed52bb847af74da8e6
iDefense Security Advisory 09.26.11 - Novell Groupwise Memory Corruption
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a memory corruption vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs yearly. When adding a sequence of dates, it is possible to trigger an invalid array indexing vulnerability, and write beyond the bounds of a heap buffer. This can lead to the execution of arbitrary code. Novell GroupWise 8.0x up to (and including) 8.02HP2 are vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2663
SHA-256 | e0e79989e42a8350fda243c95b2a87e6ecde82bbd0ea9bc0fb9a7e5eab17ade1
iDefense Security Advisory 09.26.11 - Novell Groupwise Heap Overflow
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a heap overflow vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed calendar recurrence (RRULE) that recurs on weekdays. A heap based buffer overflow can be triggered due to the lack of checks to ensure that there is enough space in the buffer to hold all of the RRULE entry data. Novell GroupWise 8.0x up to (and including) 8.02HP2 are vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-4325
SHA-256 | 74cad0c15a570d196b3c7330c61160de1f4e97c9b98ebe52b30ebecc7523282c
iDefense Security Advisory 09.26.11 - Novell Heap Overflow
Posted Sep 28, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.26.11 - Remote exploitation of a heap overflow vulnerability in Novell Inc.'s GroupWise could allow an attacker to execute arbitrary code with the privileges of the affected service. This vulnerability is present in the calendar processing code, which resides within the GroupWise Internet Agent (GWIA) process. The vulnerability occurs when parsing a malformed time zone description field (TZNAME). A heap based buffer overflow can be triggered by supplying an excessively long string when copying the time zone name. Novell GroupWise 8.0x up to (and including) 8.02HP2 are vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2011-0333
SHA-256 | e41ab71e11203562d3548c254ffc04693eed7151c500e97d4f2b72313daa62d2
iDefense Security Advisory 09.13.11 - Adobe Reader Use After Free
Posted Sep 14, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.13.11 - Remote exploitation of a use after free vulnerability in Adobe Systems Inc.'s Reader could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a JPEG file embedded inside a PDF file. When processing specific JPEG markers, Adobe Reader creates an object on the stack and keeps a pointer to that object in another place. The pointer is later dereferenced after the object on the stack becomes invalid. This can lead to the execution of arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2440
SHA-256 | 98246f4d76ea0a617b57b64ceace44db1008e3811fb8221ea6c9acf39959a89e
iDefense Security Advisory 09.13.11 - Excel Memory Corruption
Posted Sep 14, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.13.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a certain specially crafted record in an Excel file. A specific value in the record can trigger a memory corruption vulnerability and may allow arbitrary code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-1988
SHA-256 | 53724cb5cc8727f4c7f8eba8148efebb5736319a5c8c2d06831b11effdc1d854
iDefense Security Advisory 09.13.11 - Excel Integer Signedness
Posted Sep 14, 2011
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 09.13.11 - Remote exploitation of an integer signedness vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability is an integer signedness issue that leads to an invalid array indexing vulnerability. It is triggered by a certain record with a negative 'iax' field.

tags | advisory, remote, arbitrary
advisories | CVE-2011-1987
SHA-256 | 97bc0394f99e9d978267b86461be984afd78303388de888ffd6878ef285734b5
iDefense Security Advisory 09.13.11 - Excel Memory Corruption
Posted Sep 14, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 09.13.11 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when Excel parses a certain specially crafted record in an Excel file. An invalid value of the length field in the record header can trigger an error condition and result in using memory content which has already been freed and may allow arbitrary code execution.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-1986
SHA-256 | e09343c3f7890e4c5bf50eec1fb9f834e5524c580f5c602204351b7dc18d009c
iDefense Security Advisory 08.09.11 - Flash Player Integer Overflow
Posted Aug 11, 2011
Authored by iDefense Labs, Vitaliy Toropov | Site idefense.com

iDefense Security Advisory 08.09.11 - Remote exploitation of an integer overflow vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user. During the allocation of an array within a certain internal ActionScript function, a size calculation may cause an integer value to overflow. This condition may lead to the bounds of an undersized array being overflown during a memory copy operation. This can result in arbitrary code execution.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2011-2416, CVE-2011-2136
SHA-256 | ad96594bfd0771b3e3c7af67f19881e8a68ee7601ad242799dc2d78119f54b9b
iDefense Security Advisory 08.09.11 - Flash Memory Corruption
Posted Aug 11, 2011
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 08.09.11 - Remote exploitation of a memory corruption vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a maliciously formatted sequence of ActionScript code inside an Adobe Flash file. The problem exists in a certain ActionScript function method of the built-in "flash.display" class. When malformed parameters are supplied to this function, a memory corruption will occur, leading to an exploitable condition.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2135
SHA-256 | 5692748af42e9e662e7a1d8d5215229cc7299a504565cac5bb0c4e3bafd8e0df
iDefense Security Advisory 07.20.11 - Webkit Memory Corruption
Posted Jul 21, 2011
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 07.20.11 - Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. Scalable Vector Graphics (SVG) is an XML based file format used to describe two dimensional vector graphics. It defines both a markup language, and a JavaScript interface. When parsing a series of SVG tags, and then manipulating them via JavaScript, Safari fails to handle exceptional conditions. It is possible to trigger a use after free vulnerability by manipulating the animVal property of various SVG tags. This leaves a C++ object pointer in an inconsistent state, which can lead to the execution of arbitrary code. Safari versions prior to 5.1 and 5.0.6 are vulnerable.

tags | advisory, remote, arbitrary, javascript
advisories | CVE-2011-0240
SHA-256 | 99c8cb11dcb256c511dc2217aaa40292d8c285040e8f55bc2b42756ce98c3948
iDefense Security Advisory 07.20.11 - Safari Memory Corruption
Posted Jul 21, 2011
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 07.20.11 - Remote exploitation of a memory corruption vulnerability in Apple Inc.'s Safari browser could allow an attacker to execute arbitrary code with the privileges of the current user. Safari is Apple's Web browser and is based on the open source WebKit browser engine. This vulnerability occurs when Safari incorrectly handles an error state when encountering a broken XHTML tag. Specifically, the tag enclosing the tag being processed is freed and is then referenced after it has already been freed. This can lead to the execution of arbitrary code. Safari versions prior to 5.1 and 5.0.6 are vulnerable.

tags | advisory, remote, web, arbitrary
systems | apple
advisories | CVE-2011-0234
SHA-256 | 451fa0ffe2995cf2fabae89ed282d4b2fbe5371f34e100141b87a568287fd5e3
iDefense Security Advisory 07.20.11 - WebKit Heap Overflow
Posted Jul 21, 2011
Authored by iDefense Labs, Jose Antonio Vazquez Gonzalez | Site idefense.com

iDefense Security Advisory 07.20.11 - Remote exploitation of a heap based buffer overflow vulnerability in WebKit, as included with Apple Inc.'s Safari Web browser, could allow an attacker to execute arbitrary code with the privileges of the current user. Safari versions prior to 5.1 and 5.0.6 are vulnerable.

tags | advisory, remote, web, overflow, arbitrary
systems | apple
advisories | CVE-2011-0223
SHA-256 | 30357d20ea6ff88371b69718cc38e33ee295d328c17ebae326814210907aea07
iDefense Security Advisory 07.20.11 - WebKit Use-After-Free
Posted Jul 21, 2011
Authored by iDefense Labs, Juan Pablo Lopez Yacubian | Site idefense.com

iDefense Security Advisory 07.20.11 - Remote exploitation of a use-after-free vulnerability in WebKit, as included with Apple Inc.'s Safari Web browser, could allow an attacker to execute arbitrary code with the privileges of the current user. Safari versions prior to 5.1 and 5.0.6 are vulnerable.

tags | advisory, remote, web, arbitrary
systems | apple
advisories | CVE-2011-0215
SHA-256 | 39374d59c6744df1acd9d024f26b7ac639e74b9c9f0cf1837c63f04ecdcb573b
iDefense Security Advisory 07.20.11 - MathML Use-After-Free
Posted Jul 21, 2011
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 07.20.11 - Remote exploitation of a use-after-free vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. Safari versions prior to 5.1 and 5.0.6 are vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2011-1449
SHA-256 | 53730b1d8512f5363490f9170bba7812a1775127b9e9b802e2a0d79ffc794e42
iDefense Security Advisory 07.14.11 - Citrix Code Execution
Posted Jul 16, 2011
Authored by Michal Trojnara, iDefense Labs | Site idefense.com

iDefense Security Advisory 07.14.11 - Remote exploitation of a buffer overflow in Citrix Systems, Inc.'s Access Gateway Client ActiveX control allows remote attackers to execute arbitrary code. To exploit this vulnerability, a targeted user must load a malicious Web page created by an attacker. An attacker typically accomplishes this via social engineering or injecting content into compromised, trusted sites. Versions affected are 8.1 prior to 8.1-67.7, 9.0 prior to 9.0-70.5, and 9.1 prior to 9.1-96.4.

tags | advisory, remote, web, overflow, arbitrary, activex
SHA-256 | 7da340d19926e061e5ff91def8e4cab80314786c667bc814ad98db464a3d4ca0
iDEFENSE Security Advisory 2011-06-14.2
Posted Jun 18, 2011
Authored by iDefense Labs, Luigi Auriemma | Site idefense.com

iDefense Security Advisory 06.14.11 - Remote exploitation of a heap overflow vulnerability in Adobe Systems Inc.'s Shockwave could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when Shockwave processes a maliciously constructed "DRCF" chunk. Specifically, when parsing a substructure inside of this chunk, it is possible to trigger a code path that leads to an incorrect string copy operation. The vulnerable code performs a certain operation on a heap-based buffer, which has the effect of overwriting the NULL terminator of the string in the middle of the copy operation. This will lead to an endless copy loop until the read operation hits the end of the memory segment. This operation writes beyond the allocated heap buffer, and can lead to the execution of arbitrary code. Shockwave Player version 11.5.9.620 and prior are vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2011-0335
SHA-256 | 3b0ec1fef75086d0e796f5ce1dea0706958798bc9b403f2258059ba1d3e7612f
iDEFENSE Security Advisory 2011-06-14.1
Posted Jun 18, 2011
Authored by iDefense Labs, Luigi Auriemma | Site idefense.com

iDefense Security Advisory 06.14.11 - Remote exploitation of a integer signedness vulnerability in Adobe Systems Inc.'s Shockwave could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when Shockwave processes a maliciously constructed "Lscr" record. This record can embed Lingo script code, which is Shockwave's scripting language. The vulnerability occurs when processing certain opcodes. Specifically, a 32-bit value from the file is used as an offset into a heap buffer without proper validation. When comparing the value to the maximum buffer size, a signed comparison is performed. By using a negative value, it is possible to index outside of the allocated buffer. This results in data outside of the buffer being treated as a valid pointer, and this pointer is later used as the destination of a write operation. This can corrupt an arbitrary memory address, which can lead to the execution of arbitrary code. Shockwave Player version 11.5.9.620 and prior are vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2011-0335
SHA-256 | 952c40d913beb9b78faaad430aeb7a3d76e8f0453128f6534822d4e3d407462d
iDEFENSE Security Advisory 2011-05-03.1
Posted Jun 7, 2011
Authored by iDefense Labs, Elazar Broad | Site idefense.com

iDefense Security Advisory 05.03.11 - Remote exploitation of a memory corruption vulnerability in Tom Sawyer Software's GET Extension Factory could allow an attacker to execute arbitrary code with the privileges of the affected user. The vulnerability exists within the way that Internet Explorer instantiates GET Extension Factory COM objects, which is not intended to be created inside of the browser. The object does not initialize properly, and this leads to a memory corruption vulnerability that an attacker can exploit to execute arbitrary code. iDefense has confirmed Tom Sawyer's Default GET Extension Factory 5.5.2.237, tsgetxu71ex552.dll and tsgetx71ex552.dll to be vulnerable. VMWare VirtualCenter 2.5 Update 6, VirtualCenter 2.5 Update 6a is vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2217
SHA-256 | 89e761d3006064aa0cb7047c51e258a8fb835fa7074ae8fa3a7bc2617ae3788a
iDEFENSE Security Advisory 2011-06-01.1
Posted Jun 4, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 06.01.11 - Remote exploitation of a design error within Cisco Systems Inc's AnyConnect VPN client allows attackers to execute arbitrary code with the privileges of a user running Internet Explorer. Cisco AnyConnect VPN client versions prior to 2.3.185 for Windows, 2.5.3041 and 3.0.629 for Linux and Apple Mac OS X are vulnerable.

tags | advisory, remote, arbitrary
systems | cisco, linux, windows, apple, osx
advisories | CVE-2011-2039
SHA-256 | 96607ad5bdb47410c34ae00de556f9b206fa53b2e1d72debfc2be9cac1c836fd
iDEFENSE Security Advisory 2011-05-24.4
Posted May 26, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 05.24.11 - Remote exploitation of a stack buffer overflow vulnerability in IBM Corp.'s Lotus Notes could allow an attacker to execute arbitrary code in the context of the current user. <BR> <BR> The vulnerability occurs during the processing of tag information contained within an Applix document. A memory copy operation within a loop may cause tag data to overflow the bounds of a stack buffer. This condition may lead to arbitrary code execution. Lotus Notes versions 6.0, 6.5, 7.0, 8.0, 8.5 are vulnerable.

tags | advisory, remote, overflow, arbitrary, code execution
SHA-256 | a8a2aeff464a0fe8020b6d54159559ad4b0b08a4817d14678068c1e961f04339
iDEFENSE Security Advisory 2011-05-24.1
Posted May 26, 2011
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 05.24.11 - Remote exploitation of a stack buffer overflow vulnerability in IBM Corp.'s Lotus Notes could allow an attacker to execute arbitrary code in the context of the current user. The vulnerability occurs during the processing of header information contained within a LZH archive file. A length calculation may cause an integer value to underflow and result in a large length value. A memory copy operation using the length value may cause LZH data to overflow the bounds of a stack buffer. This condition may lead to arbitrary code execution. Lotus Notes versions 6.0, 6.5, 7.0, 8.0, 8.5 are vulnerable.

tags | advisory, remote, overflow, arbitrary, code execution
SHA-256 | 5fd65cb5d6986403e249afb125a0e9a9ae2a97494d1f961b19e52d154e4bb671
Page 1 of 4
Back1234Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close