Arbitrary code execution
.text:10001220 push eax
.text:10001221 call ZwQueryObject ; query object name information
---
Arbitrary code execution is probably impossible, since an attacker
does not control content which will be written to the pointers under
user's control.
These drivers are only present after installation of the application -
after reboot they are not loaded. There is strong possibility that
Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution
1. OVERVIEW
Jcow CMS versions (4.x: 4.2 and lower, 5.x: 5.2 and lower) are
vulnerable to Arbitrary Code Execution.
> From: rdancer@gmail.com [mailto:rdancer@gmail.com] On Behalf
> Of Jan Minář
> Sent: Friday, 22 August, 2008 10:26
> To: bugs@vim.org; vim-dev@vim.org;
> full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
> Subject: Vim: Arbitrary Code Execution in Commands: K, Control-], g]
>
> Vim: Arbitrary Code Execution in Commands: K, Control-], g]
This report greatly overstates the danger of this bug. It's worth reading the discussion from the Vim Dev list (Minář's [2] below).
1. Summary
Product : Vim -- Vi IMproved
Version : Tested with 7.1.314 and 6.4
Impact : Arbitrary code execution
Wherefrom: Local and remote
Original : http://www.rdancer.org/vulnerablevim.html
Improper quoting in some parts of Vim written in the Vim Script can lead to
arbitrary code execution upon opening a crafted file.
Anonymous Remote Arbitrary Code Execution in Alien Arena 7.30
-------------------------------------------------------------
October 21st, 2009
=======
Summary
=======
Name: Anonymous Remote Arbitrary Code Execution in Alien Arena 7.30
Release Date: October 21st, 2009
===============================================================
Ghostscript, multiple arbitrary code execution vulnerabilities
May 11, 2010
CVE-2010-1869
===============================================================
==Description==
Ghostscript (www.ghostscript.com), an interpreter for the PostScript language,
is vulnerable to two memory corruption vulnerabilities:
Vim: Arbitrary Code Execution in Commands: K, Control-], g]
1. SUMMARY
Product : Vim -- Vi IMproved
Versions : 3.0--current, possibly older
Impact : Arbitrary code execution
Wherefrom: Local
Original : http://www.rdancer.org/vulnerablevim-K.html
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01420154
Version: 1
HPSBTU02325 SSRT080006 rev.1 - HP Internet Express for Tru64 UNIX running PostgreSQL, Arbitrary Code Execution, Privilege Elevation, or Denial of Service (DoS)
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-04-01
Last Updated: 2008-04-01
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c01599836
Version: 1
HPSBTU02382 SSRT080132 rev.1 - HP Secure Web Server for Tru64 UNIX or Internet Express for Tru64 UNIX running PHP, Remote Denial of Service (DoS) or Arbitrary Code Execution
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2008-11-25
Last Updated: 2008-11-25
Remote Arbitrary Code Execution Vulnerability in UFO: Alien Invasion
--------------------------------------------------------------------
June 18th, 2010
=======
Summary
=======
Name: Remote Arbitrary Code Execution Vulnerability in UFO: Alien Invasion
Release Date: June 18th, 2010
2010.Nov.04
Summary:
Fortinet's FortiGuard Labs has discovered a memory corruption vulnerability in Adobe Flash Player (Flash10h.ocx), which may lead to arbitrary code execution or Denial of Service.
Impact:
Arbitrary Code Execution or Denial of Service
Synopsis
========
Multiple vulnerabilities have been discovered in Ruby that allow for
attacks including arbitrary code execution and Denial of Service.
Background
==========
Ruby is an interpreted object-oriented programming language. The
1. Summary
Product : Vim -- Vi IMproved, Netrw
Version : Tested with Vim 7.2b, Netrw 127
Impact : Arbitrary code execution
Wherefrom: Local, possibly remote
Original : http://www.rdancer.org/vulnerablevim-netrw.v5.html
http://www.rdancer.org/vulnerablevim-latest.tar.bz2
Lack of sanitization throughout Netrw can lead to arbitrary code execution upon
Problem type : local/remote
Debian-specific: no
CVE Id(s) : CVE-2008-1673 CVE-2008-2358
Two vulnerabilities have been discovered in the Linux kernel that may
lead to a denial of service or arbitrary code execution. The Common
Vulnerabilities and Exposures project identifies the following
problems:
CVE-2008-1673
Dear users of TYPO3,
It has been discovered that the default value of the TYPO3 configuration variable fileDenyPattern allows arbitrary code execution on Apache web servers. Besides that, the library fe_adminlib.inc allows Cross Site Scripting (XSS).
=== Component Type ===
TYPO3 Core
=== Affected Versions ===
TYPO3 versions 3.x, 4.0 to 4.0.7, 4.1 to 4.1.6, 4.2
Supported 802.11b and 802.11g protocols. WEP, WPA and WPA2 supported.
Summary:
A buffer overflow condition can be triggered by setting URL filtering
for an overly long URL, leading to possible arbitrary code execution or
denial of service. Successful authentication is required in order to
exploit the vulnerability, but attackers can leverage other
vulnerabilities for achieving unauthenticated remote exploitation.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[ SeaMonkey 1.1.8 Remote Array Overrun (Arbitrary code execution) ]
Author: Maksymilian Arciemowicz and sp3x
http://SecurityReason.com
Date:
- - Dis.: 07.05.2009
- - Pub.: 20.11.2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[ K-Meleon 1.5.3 Remote Array Overrun (Arbitrary code execution) ]
Author: Maksymilian Arciemowicz and sp3x
http://SecurityReason.com
Date:
- - Dis.: 07.05.2009
- - Pub.: 20.11.2009
Vendor: Sophos, http://www.sophos.com
Affected Products:
Sophos Anti-Virus for Windows
Sophos Anti-Virus for Unix/Linux
Vulnerability: Arbitrary Code Execution (remote)
Risk: HIGH
________________________________________________________________________
Vendor communication:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[ Flock 2.5.2 Remote Array Overrun (Arbitrary code execution) ]
Author: Maksymilian Arciemowicz and sp3x
http://SecurityReason.com
Date:
- - Dis.: 07.05.2009
- - Pub.: 11.12.2009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4987
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4988
Description:
Previous versions of the ImageMagick package are vulnerable to multiple
indirect Denial of Service and Arbitrary Code Execution attacks when
attempting to read intentionally malformed image files.
http://wiki.rpath.com/Advisories:rPSA-2007-0220
Copyright 2007 rPath, Inc.
http://www.kryptoslogic.com/advisories/2010/kryptoslogic-winamp-midi.txt
==-===-=====-=======-===========-=============-=================
Winamp 5.6 Arbitrary Code Execution in MIDI Parser
Kryptos Logic, December 2010
==-===-=====-=======-===========-=============-=================
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[ Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) ]
Author: Maksymilian Arciemowicz and sp3x
http://SecurityReason.com
Date:
- - Dis.: 07.05.2009
- - Pub.: 11.12.2009
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1808
Description:
Previous versions of the freetype package are vulnerable to multiple
Arbitrary Code Execution attacks when processing malformed Printer
Font Binary (PFB) and TrueType Font (TTF) files.
http://wiki.rpath.com/Advisories:rPSA-2008-0255
Copyright 2008 rPath, Inc.
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c00912968
Version: 1
HPSBMA02201 SSRT071328 rev.1 - HP LoadRunner Agent on Windows, Remote Unauthenticated Arbitrary Code Execution
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
Release Date: 2010-05-05
Last Updated: 2010-05-05
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1721
Description:
Previous versions of the python package are vulnerable to multiple
attacks, including a Denial of Service in the imageop module and
Arbitrary Code Execution in the zlib module.
http://wiki.rpath.com/Advisories:rPSA-2008-0149
Copyright 2008 rPath, Inc.
This file is distributed under the terms of the MIT License.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373
Description:
Previous versions of the cups package are vulnerable to a possible
Arbitrary Code Execution attack in which an attacker may use a
maliciously crafted GIF file to trigger a buffer overflow.
http://wiki.rpath.com/Advisories:rPSA-2008-0136
Copyright 2008 rPath, Inc.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6697
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0544
Description:
Previous versions of the SDL_image package are vulnerable to multiple
Arbitrary Code Execution attacks in which attackers may use maliciously
crafted image files to trigger buffer overflows in applications that use
libSDL_image.
http://wiki.rpath.com/Advisories:rPSA-2008-0061
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484
http://wiki.rpath.com/Advisories:rPSA-2008-0046
Description:
Previous versions of the gd package are vulnerable to a possible
Arbitrary Code Execution attack in which an attacker may use a
maliciously crafted GIF file to trigger a buffer overflow. The libgd
library is not exposed via any privileged or remote interfaces within
Foresight Linux proper.
- ---