[Forgot Password]
Login  Register Subscribe

24003

 
 

131425

 
 

103942

 
 

909

 
 

84057

 
 

133

 
 
Paid content will be excluded from the download.

Filter
Matches : 11083 Download | Alert*

The host is installed with PuTTY before 0.63 and is prone to buffer overflow vulnerability. The flaw is present in the application, which is not properly handled during computation of a modular inverse and triggers the overflow during a division by zero by the bignum functionality. Successful exploitation allows remote SSH servers to cause a denial of service (crash).

The host is installed with PuTTY before 0.63 and is prone to information disclosure vulnerability. The flaw is present in the rsa_verify function in PuTTY, which does not clear sensitive process memory after use and (2) does not free certain structures containing sensitive process memory. Successful exploitation might allow local users to discover private RSA and DSA keys.

The host is installed with PuTTY before 0.66 and is prone to an integer overflow vulnerability. The flaw is present in the application, which fails to handle an ECH (erase characters) escape sequence with a large parameter value, which triggers a buffer underflow. Successful exploitation could allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary cod ...

The host is installed with PuTTY 0.51 through 0.63 and is prone to an information disclosure vulnerability. The flaw is present in the (1) ssh2_load_userkey and (2) ssh2_save_userkey functions, which do not properly wipe SSH-2 private keys from memory. Successful exploitation allows local users to obtain sensitive information by reading the memory.

The host is installed with PuTTY before 0.67 and is prone to a stack-based buffer overflow vulnerability. A flaw is present in the SCP command-line utility, which fails to handle a crafted SCP-SINK file-size response to an SCP download request. Successful exploitation allows remote servers to cause a denial of service (stack memory corruption) or execute arbitrary code.

The host is installed with PuTTY before 0.68 and is prone to an unspecified vulnerability. A flaw is present in the ssh_agent_channel_data function, which fails to handle a large length value in an agent protocol message. Successful exploitation allows remote attackers to have unspecified impact.

Mozilla Firefox before 52.0 and Thunderbird before 52.0 :- Mozilla developers and community members reported memory safety bugs present in Firefox. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code.

Mozilla Firefox before 52.0 and Thunderbird before 52.0 :- If a malicious site uses the view-source: protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making view-source: linkable.

Mozilla Firefox before 52.0 and Thunderbird before 52.0 :- A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded.

Mozilla Firefox before 52.0 and Thunderbird before 52.0 :- If a malicious site repeatedly triggers a modal authentication prompt, eventually the browser UI will become non-responsive, requiring shutdown through the operating system. This is a denial of service (DOS) attack.


Pages:      Start    1031    1032    1033    1034    1035    1036    1037    1038    1039    1040    1041    1042    1043    1044    ..   1108

© 2013 SecPod Technologies