memory corruption
Title
-----
DDIVRT-2009-24 Precidia Ether232 Memory Corruption
Severity
--------
Medium
Date Discovered
---------------
PoC URL : http://lcamtuf.coredump.cx/ierace/
Bulletin : http://www.microsoft.com/technet/security/bulletin/MS09-019.mspx
Notes : additional credit to David Bloom for developing an improved
proof-of-concept exploit
Summary : MSIE memory corruption on page transitions
Impact : memory corruption, potential code execution
Reported : April 2008 (privately)
PoC URL : http://lcamtuf.coredump.cx/stest/ (fuzzers)
Bulletin : http://www.microsoft.com/technet/security/Bulletin/MS09-014.mspx
Notes : -
Multiple vulnerabilities have been found and corrected in
mozilla-thunderbird:
Unspecified vulnerability in Mozilla Firefox 3 allows remote attackers
to execute arbitrary code via unknown vectors that trigger memory
corruption, as demonstrated by Nils during a Pwn2Own competition at
CanSecWest 2010 (CVE-2010-1121).
Integer overflow in the nsGenericDOMDataNode::SetTextInternal function
in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4,
Thunderbird before 3.0.5, and SeaMonkey before 2.0.5 allows remote
Source: https://www.evilfingers.com/advisory/Advisory/Avast_aswMon2.sys_kernel_memory_corruption_and_Local_Privilege_Escalation.php
-----------[Avast aswMon2.sys kernel memory corruption and Local Privilege Escalation]--------->
Author: Giuseppe 'Evilcry' Bonfa'
E-Mail: evilcry {AT} GMAIL {DOT} COM
Website: http://evilcry.netsons.org
http://evilcodecave.blogspot.com
http://evilcodecave.wordpress.com
Eric Sesterhenn reported a local DoS issue in the hfsplus
filesystem. Local users who have been granted the privileges
necessary to mount a filesystem would be able to craft a corrupted
filesystem that causes the kernel to overrun a buffer, resulting
in a system oops or memory corruption.
CVE-2008-4934
Eric Sesterhenn reported a local DoS issue in the hfsplus
filesystem. Local users who have been granted the privileges
Security issues were identified and fixed in firefox 3.0.x:
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1,
and Thunderbird allow remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute arbitrary
code via unknown vectors (CVE-2009-3979).
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird
allow remote attackers to cause a denial of service (memory corruption
arbitrary code via a large text value for a node (CVE-2010-1199).
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird
before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to
cause a denial of service (memory corruption and application crash)
or possibly execute arbitrary code via unknown vectors (CVE-2010-1200).
Multiple unspecified vulnerabilities in the JavaScript engine in
Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, Thunderbird
before 3.0.5, and SeaMonkey before 2.0.5 allow remote attackers to
Core Security Technologies - CoreLabs Advisory
http://www.coresecurity.com/corelabs
Firebird Remote Memory Corruption
*Advisory Information*
Title: Firebird Remote Memory Corruption
Advisory ID: CORE-2007-1219
AhnLab AntiVirus Remote Kernel Memory Corruption
Sowhat of Nevis Labs
HTTP://www.nevisnetworks.com
http://secway.org/advisory/AD20071116.txt
Vendor:
AhnLab Inc.
CVE-2010-3765
Xulrunner allows remote attackers to execute arbitrary code
via vectors related to nsCSSFrameConstructor::ContentAppended,
the appendChild method, incorrect index tracking, and the
creation of multiple frames, which triggers memory corruption.
CVE-2010-3174
CVE-2010-3176
Multiple unspecified vulnerabilities in the browser engine in
Xulrunner allow remote attackers to cause a denial of service
Adobe Reader 9.3.4 Multiple Memory Corruption - Security Advisory - SOS-10-003
Release Date. 6-Oct-2010
Last Update. -
Vendor Notification Date. 26-Jul-2010
Product. Adobe Reader
Adobe Acrobat
Platform. Microsoft Windows
Affected versions. 9.3.4 verified and
possibly others.
(CVE-2010-3769).
Multiple unspecified vulnerabilities in the browser engine in Mozilla
Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before
3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow
remote attackers to cause a denial of service (memory corruption and
application crash) or possibly execute arbitrary code via unknown
vectors (CVE-2010-3776).
Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13
and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause
CVE-2010-3908
FFmpeg before 0.5.4, allows remote attackers to cause a denial of service
(memory corruption and application crash) or possibly execute arbitrary code
via a malformed WMV file.
CVE-2010-4704
Title:
======
Skype v5.6.59.x - Memory Corruption Vulnerability
Date:
=====
2012-02-17
Note: All of the vulnerabilities are reported in Holdem Manager Professional,
poker tracking software.
1. Holdem Manager 1.11 "Concat" Session Module Memory Corruption
2. Holdem Manager 1.11 Collection Modification Memory Corruption
3. Holdem Manager 1.11 All Hands Function Memory Corruption
Vulnerability Details
Mariusz Mlynski discovered that privileges could be escalated through
a Javascript URL as the home page.
CVE-2012-0461
Bob Clary discovered memory corruption bugs, which may lead to the
execution of arbitrary code.
CVE-2012-0467
Bob Clary, Christian Holler, Brian Hackett, Bobby Holley, Gary
<?php
/*
Microsoft Windows Fax Services Cover Page Editor (.cov) Memory Corruption poc
by Andrea Micalizzi aka rgod
tested on: Microsoft Windows Server 2003 Standard Edition r2 sp2 all patched
vulnerability:
Microsoft Cover Page Editor (fxscover.exe, version 5.2 r2
(Build 3790.srv03_sp2_gdr.100216-1301: Service Pack 2)
http://office.microsoft.com/en-us/powerpoint/default.aspx
II. DESCRIPTION
Remote exploitation of a memory corruption vulnerability in Microsoft
Corp.'s PowerPoint could allow an attacker to execute arbitrary code
with the privileges of the current user.
The vulnerability occurs during the parsing of the BuildList record.
This record is a container for other records that describe charts and
http://office.microsoft.com/excel/
II. DESCRIPTION
Remote exploitation of a memory corruption vulnerability in Microsoft
Corp.'s Excel spreadsheet could allow attackers to execute arbitrary
code with the privileges of the current user.
This issue exists in the handling of certain malformed object records
within an Excel spreadsheet (XLS), allowing memory corruption to occur.
Release mode: Coordinated release
*Vulnerability Information*
Class: Arbitrary memory corruption
Remotely Exploitable: Yes (client-side)
Locally Exploitable: No
Bugtraq ID: 28007
CVE Name: CVE-2008-0984
Buffer overflow in the RTL8169 NIC driver (drivers/net/r8169.c) in the Linux
kernel before 2.6.30 allows remote attackers to cause a denial of service
(kernel memory corruption and crash) via a long packet. (CVE-2009-1389)
The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30
before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and
possibly other versions down to 2.6.19 allows local users to cause
Apple Safari Remote Memory Corruption Vulnerability
2009.June.09
Fortinet's FortiGuard Global Security Research Team Discovers Vulnerability in Apple Safari.
Summary:
========
A memory corruption vulnerability exists in Apple Safari which allows a remote attacker to execute arbitrary code through a malicious webpage.
Impact:
fixed) there is really no need to.
III. Impact
~~~~~~~~~~~
Memory corruption due to a write attempt to a user controllable offset.
i.e. exploitable. The Java VM is reachable through every major browser.
IV. Disclosure timeline
~~~~~~~~~~~~~~~~~~~~~~~~~
CVE ID: CVE-2011-2122
Risk Level: High
Vulnerability: Memory Corruption
Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Adobe Shockwave Player. User interaction is required to trigger this vulnerability in that the target must visit a malicious page or open a malicious file.
A memory corruption vulnerability in the Dirapi.dll component that could lead to code execution. By crafting specific values within rcsL substructures an attacker can corrupt memory.
before 2.5.6 allows remote attackers to cause a denial of service
(application crash) via a QQ packet (CVE-2009-1374).
The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before
2.5.6 does not properly maintain a certain buffer, which allows
remote attackers to cause a denial of service (memory corruption
and application crash) via vectors involving the (1) XMPP or (2)
Sametime protocol (CVE-2009-1375).
Multiple integer overflows in the msn_slplink_process_msg functions in
the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and
ZDI-09-012: Microsoft Internet Explorer Malformed CSS Memory Corruption
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-012
February 10, 2009
-- CVE ID:
CVE-2009-0076
-- Affected Vendors:
Microsoft
Microsoft Office Excel Remote Memory Corruption Vulnerability
2009.April.14
Fortinet's FortiGuard Global Security Research Team Discovers Vulnerability in Microsoft Office Excel.
Summary:
========
A memory corruption vulnerability exists in Microsoft Office Excel which allows a remote attacker to compromise a system through a malicious document.
Impact:
Microsoft Internet Explorer Remote Memory Corruption Vulnerability
2010.January.21
Summary:
========
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Microsoft's Internet Explorer.
Impact:
=======
Remote Code Execution.
Fortinet Discovers Vulnerability in Indeo Codec
2009.December.08
Summary:
Fortinet's FortiGuard Labs Discovers Memory Corruption Vulnerability in Indeo Codec.
Impact:
Remote Code Execution.
ZDI-09-039: Microsoft Internet Explorer onreadystatechange Memory Corruption
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-039
June 10, 2009
-- CVE ID:
CVE-2009-1531
-- Affected Vendors:
Microsoft