exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

VUPEN Security Advisory
Posted Oct 15, 2010
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by an array indexing error when processing RealTimeData records in an Excel file, which could be exploited by remote attackers to execute arbitrary code by tricking a user into opening a specially crafted Excel document.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3240
SHA-256 | b0394ee0714f4a34f6b77d22e6092fa129ef3339828fc4d78a16e527c76d1e80

Related Files

Adobe Shockwave rcsL Record Array Indexing Vulnerability
Posted Aug 11, 2011
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by an array indexing error in the "dirapi.dll" component when processing malformed data within the "rcsL" record, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web
SHA-256 | ebae7c8e4b3e98c31ecdf30a8b7435873c1dc320927f43e66e6c37e4eda6e5ea
Adobe Flash Player ActionScript FileReference Buffer Overflow
Posted Aug 11, 2011
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by a buffer overflow error when processing a malformed ActionScript FileReference method, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, overflow
advisories | CVE-2011-2137
SHA-256 | 86c6eebd998ef19a66f897c458792f0e8d3b83f1a7b9d3f16cfdd6960d84e4ef
Microsoft Windows OLE Automation Integer Underflow
Posted Jun 18, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer underflow error in the Object Linking and Embedding (OLE) Automation component when processing malformed Windows Metafile (WMF) data via the "_PictLoadMetaFileRaw()" function, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web
systems | windows
advisories | CVE-2011-0658
SHA-256 | 0bcbe6ddf0f6d9f9565bd58d17901ffc57ad45dde4e3569f63328534b3f27176
Oracle Java ICC Profile "scrn" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "scrn" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | bd2b206e8cc01411d077ffd71f0fafae0c987444464bb20fda99e30bd818b823
Oracle Java ICC Profile "pseq" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "pseq" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | 678973558fee6d7c54c5b90eec131c79bd3a0357dbfa4eb1520a4ec67f37cad6
Oracle Java ICC Profile "ncl2" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "ncl2" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | e8f488754f08480d5e40ca95b2864ba0737678e88ade054dfd206889f6e07072
Oracle Java ICC Profile "mluc" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "mluc" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | 672490db1b7e734d96fdac53de3b57b95abfd9ee95d4201e9143bb6ef215fe8b
Oracle Java ICC Profile "bfd" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer truncation error in the Color Management Module (CMM) when processing a malformed "bfd" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, arbitrary
SHA-256 | cf0e788d1c843e3352da1703694e7f2744be0104b724b21b9d4cf89d96e5290a
Oracle Java ICC Profile "clrt" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "clrt" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | b9624b37a2d319db443cfde21d7b096739c7f479b3a17eae304af656f677d623
7T Interactive Graphical SCADA System Memory Corruption
Posted May 25, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in 7T Interactive Graphical SCADA System (IGSS). The vulnerability is caused by a memory corruption error in the Open Database Connectivity (ODBC) component when processing packets sent to port 20222/TCP, which could result in an invalid structure being used, leading to an exploitable condition. Versions prior to 9.0.0.11143 are affected.

tags | advisory, tcp
SHA-256 | 6e3832447425985a6f696ebb91be8820ba8801500741d4b2775eba9c6ee8f8c7
Apple Safari Text Nodes Remote Use-After-Free
Posted Apr 15, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when processing certain text nodes, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, arbitrary
systems | apple
advisories | CVE-2011-1344
SHA-256 | 68273b636979cb1468a8090e5e58828a83e73978c0b22c05b24a4b9d3b8c295a
Microsoft Windows OpenType CFF Driver Stack Overflow
Posted Apr 15, 2011
Authored by Sebastien Renaud, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a stack overflow error in the OpenType Compact Font Format (CFF) driver "ATMFD.dll" when processing certain operands within an OpenType font, which could be exploited by remote attackers to execute arbitrary code on a vulnerable Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista systems via a malicious font, or by local attackers to gain elevated privileges on Windows XP and Windows Server 2003 systems via a malicious application.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
advisories | CVE-2011-0034
SHA-256 | 4f3f32b3d21c7c657379213dbce2194f42ee815379440a6a45b032df836b15a9
Microsoft Office Excel Real Time Data Stack Overwrite
Posted Apr 15, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a stack overwrite error when parsing the RTD RealTimeData record (0813h), which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted Excel document.

tags | advisory
advisories | CVE-2011-0105
SHA-256 | eb83b04f992840bb6eff2e981e45c08f92921571c592f54407896f0ebe817d1c
Microsoft Internet Explorer Property Change Memory Corruption
Posted Apr 15, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CObjectElement::OnPropertyChange()" function within the MSHTML library when handling objects, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6, 7, and 8 are affected.

tags | advisory, remote, web
advisories | CVE-2011-1345
SHA-256 | 59606c9acd8d8332ddbbdbeff4cd06911f15ac789a3a6ee075f3c52dff906ea9
Microsoft Internet Explorer Layouts Use-After-Free
Posted Apr 15, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CSpliceTreeEngine::InsertSplice()" function within the MSHTML library when handling layouts, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6 and 7 are affected.

tags | advisory, remote, web
advisories | CVE-2011-0094
SHA-256 | b8d96323c4a211ae41bedf90189a3872ffab299ee06c72ee8c21def85c12f670
Microsoft Windows GDI+ Size Handling Integer Overflow
Posted Apr 14, 2011
Authored by Nicolas Joly, Chaouki Bekrar, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the GDI+ library when parsing certain values within a EMF image file, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, web, overflow
systems | windows
SHA-256 | e9d976818013ca305eba57812572521d3237061c36f4c3f3f638dc81c1690983
Microsoft Office MSO Size Handling Integer Overflow
Posted Apr 14, 2011
Authored by Nicolas Joly, Chaouki Bekrar, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office. The vulnerability is caused by an integer overflow error in the MSO component when parsing certain values within an Office document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a malformed Office file (e.g. Word). Microsoft Office XP Service Pack 3 is affected.

tags | advisory, overflow
SHA-256 | 2d2ef1ad1bdc1ee43e992f908da55b1ea19d51d2bcabcf4e211f64a913e1e003
Apple Safari WebKit Block Dimensions Handling Integer Overflow
Posted Mar 15, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

tags | advisory, remote, web, overflow
systems | apple
SHA-256 | 9ea8e14eaede3a9009c52340df2c57af7b693d761077f23322ac3fb77375bf67
Apple Safari WebKit Scroll Event Handling Remote Use-After-Free
Posted Mar 14, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

tags | advisory, remote, web
systems | apple
SHA-256 | 3eac3c011875096426021de4ca49199e1fcbfae351d58fd4ff58b13456d57a6c
Apple Safari WebKit Iframe Event Handling Remote Use-After-Free
Posted Mar 14, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

tags | advisory, remote, web
systems | apple
SHA-256 | 80e96a9a3ad610f44e28f2afac84eacff444a571e1cc7649b9d31addcf586567
Microsoft Windows Shell Graphics biCompression Buffer Overflow
Posted Feb 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a buffer overflow error in the Windows Shell graphics processor when parsing the "biCompression" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.

tags | advisory, remote, overflow, shell
systems | windows
SHA-256 | e45dd38c15740c3e6e5ddc9d40c8fcbd4f3bb920137a89049bbe72c5ba971917
Microsoft Windows Shell Graphics BMP "height" Integer Overflow
Posted Feb 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "height" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.

tags | advisory, remote, overflow, shell
systems | windows
SHA-256 | 9a72023ae91a8044eca541def5bf1939d6dd53c305c5ed8be72523cab22c8350
Microsoft Windows Shell Graphics BMP "width" Integer Overflow
Posted Feb 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "width" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.

tags | advisory, remote, overflow, shell
systems | windows
SHA-256 | 424e76ac6176134b9620fc780ea75da7e66aee6adb5388e91cf75fdc7beeb515
Microsoft Internet Explorer "mshtml.dll" Dangling Pointer
Posted Feb 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a dangling pointer in the "mshtml.dll" library when handling certain object manipulations, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page. Internet Explorer versions 6, 7, and 8 are affected.

tags | advisory, remote, web, arbitrary
advisories | CVE-2011-0036
SHA-256 | 3ec085c704a69847706bc827f9318c129f1ec314e1cffd5e14399f41cbc973f2
Adobe Shockwave DIRAPI Lctx Chunk Memory Corruption
Posted Feb 14, 2011
Authored by Chaouki Bekrar, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by a memory corruption error in the "DIRAPI.dll" module when processing the "LCTX" chunk within a Director File, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page. Adobe Shockwave Player versions 11.5.9.615 and prior are affected.

tags | advisory, remote, web, arbitrary
SHA-256 | a14685bc6080babb1b766400a94d5de2768c47bc73bcd035cb57c90a363fe819
Page 2 of 4
Back1234Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close