[Forgot Password]
Login  Register Subscribe

24436

 
 

131815

 
 

115228

 
 

909

 
 

90122

 
 

140

 
 
Paid content will be excluded from the download.

Filter
Matches : 1136 Download | Alert*

The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service.

Security researcher regenrecht reported, via TippingPoint"s Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution.

Security researcher Holger Fuhrmannek discovered an out-of-bounds read during the creation of an audio timeline in Web Audio. This results in a crash and could allow for the reading of random memory values.

Google security researcher Michal Zalewski discovered that when a malformated GIF image is rendered in certain circumstances, memory is not properly initialized before use. The resulting image then uses this memory during rendering. This could allow for the a script in web content to access this uninitialized memory using the <canvas> feature.

Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a use-after-free during cycle collection. This was found in interactions with the SVG content through the document object model (DOM) with animating SVG content. This leads to a potentially exploitable crash.

Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

The host is missing a critical severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle certain vectors. Successful exploitation allows remote attackers to cause arbitrary code execution, security bypass, a denial of service or possibly have unspecified other impact.

The host is missing a critical security update according to Adobe advisory APSB14-18. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle memory address or unspecified vectors. Successful exploitation allows attackers to execute arbitrary code or bypass intended access restrictions.

The host is missing a security update according to Apple advisory, APPLE-SA-2014-08-13-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle certain vectors. Successful exploitation allows remote attackers to bypass the Same Origin Policy or cause a denial of service or possibly have unspecified other impact.


Pages:      Start    3    4    5    6    7    8    9    10    11    12    13    14    15    16    ..   113

© SecPod Technologies