[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97559

 
 

909

 
 

78730

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 1741 Download | Alert*

Google security researcher Michal Zalewski discovered that when a malformated GIF image is rendered in certain circumstances, memory is not properly initialized before use. The resulting image then uses this memory during rendering. This could allow for the a script in web content to access this unitialized memory using the <canvas> feature.

Security researcher Holger Fuhrmannek discovered an out-of-bounds read during the creation of an audio timeline in Web Audio. This results in a crash and could allow for the reading of random memory values.

Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code.

Security researcher Abhishek Arya (Inferno) of the Google Chrome Security Team used the Address Sanitizer tool to discover a use-after-free during cycle collection. This was found in interactions with the SVG content through the document object model (DOM) with animating SVG content. This leads to a potentially exploitable crash.

The host is missing a critical security update according to Mozilla advisory, MFSA2016-96. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle crafted data. Successful exploitation allows remote attackers to execute arbitrary code or crash the service.

The host is missing an important security update, according to Microsoft security bulletin MS13-103. The update is required to fix a signalR XSS vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to access resources in the context of the targeted user.

The host is missing a critical security update according to Mozilla advisory, MFSA2016-93. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle unknown vectors. Successful exploitation allows attackers to execute remote code or cause memory corruption.

The host is missing an important security update according to Microsoft security bulletin, MS14-032. The update is required to fix an information disclosure vulnerability. A flaw is present in the application, which fails to fails to properly sanitize specially crafted content. Successful exploitation could allow attackers to potentially execute scripts in the users browser to obtain information f ...

The host is missing an important security update, according to Microsoft security bulletin MS13-078. The update is required to fix a xml disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to disclose the contents of a file on a target system.

The host is installed with Microsoft Windows Vista or Server 2008/R2 or Windows 7 and is prone to file validation vulnerability. A flaw is present in the applications which does not validate the office file. Successful exploitation, exploit the integrity of a file and allows attacker to read sensitive information or install malware applications.


Pages:      Start    163    164    165    166    167    168    169    170    171    172    173    174    ..   174

© 2013 SecPod Technologies