[Forgot Password]
Login  Register Subscribe

24003

 
 

131517

 
 

106647

 
 

909

 
 

84688

 
 

134

 
 
Paid content will be excluded from the download.

Filter
Matches : 778 Download | Alert*

Security researcher Holger Fuhrmannek used the used the Address Sanitizer tool to discover an out-of-bounds read issue with Web Audio when interacting with custom waveforms with invalid values. This results in a crash and could allow for the reading of random memory which may contain sensitive data, or of memory addresses that could be used in combination with another bug.

Using the Address Sanitizer tool, security researcher Atte Kettunen from OUSPG discovered a buffer overflow when making capitalization style changes during CSS parsing. This can cause a crash that is potentially exploitable.

Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

The host is missing a critical severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fail to handle a crafted data or unknown vectors. Successful exploitation allows attackers to cause a denial of service, obtain sensitive information, bypass a sandbox protection mechanism or execute arbitrary ...

Antoine Delignat-Lavaud , security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA ...

The host is missing a low severity security update according to Google advisory. The update is required to fix signature malleability vulnerability. The flaw is present in the application, which fails to handle crafted data. Successful exploitation makes it easier for remote attackers to spoof RSA signatures.

The host is missing a critical security update according to Adobe advisory APSB14-21. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle memory address or unspecified vectors. Successful exploitation allows attackers to execute arbitrary code or bypass intended access restrictions.

The host is missing a high severity security update according to Google advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to crash the service.

The host is missing a security update according to Apple advisory, APPLE-SA-2008-06-19. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code or crash the service.

Security researcher regenrecht reported, via TippingPoint"s Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   77

© 2013 SecPod Technologies