The vulnerability is caused due to an error when processing qcd chunk structure.
This vulnerability exists within the tm1admsd.exe component Of IBM Cognos TM1. This process listens on TCP port 5498 by default. Multiple opcodes fail to validate user supplied length and data fields before copying their contents to a fixed length buffer on the stack.
Unsafe type handling performed by the AtomicReferenceArray class of the Oracle Java Runtime Environment can be abused to cause a type confusion error.
This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.
This update adds support to Microsoft Windows 2003 64 bits, Microsoft Windows Vista 64 bits, Microsoft Windows 2008 64 bits and Microsoft Windows Seven 64 bits.
This module exploits a vulnerability in the "Print Spooler" service.
This module exploits a vulnerability in the "Print Spooler" service.
This update replaces the exploit modules for MS12-034. Also it adds support for 64bit versions of Microsoft Windows 2003, Vista and 2008.
This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters.
When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption.
This module exploits a Windows kernel vulnerability by loading a fake keyboard layout through a call to "NtUserLoadKeyboardLayoutEx" function with crafted parameters.
When the keyboard layout is processed by win32k.sys, it produces a kernel heap memory corruption.
The vulnerability is caused due to a boundary error when processing the tags within .PAC files. This can be exploited to cause a stack-based buffer overflow via an overly long string.
This update adds CVE number.
This update adds CVE number.
On Intel CPUs, sysret to non-canonical addresses causes a fault on the sysret instruction itself after the stack pointer is set to guest value but before the current privilege level (CPL) is changed. FreeBSD is vulnerable to this issue due to insufficient sanity checks when returning from a system call. This module exploits the vulnerability and installs an agent with root privileges.
A buffer overflow in NetDecision's HTTP service is exploited when a long URL is managed by the HTTP Server's active window. For successfull exploitation, the victim need to have the HttpSvr's window open.
This version add CVE.
This version add CVE.
This module exploits an object type confusion vulnerability in Adobe Flash Player. The specific error occurs due to the way Adobe Flash handles the AMF0 response (_error) when connecting to a malicious RTMP server. By supplying a crafted AMF0 response it is possible to execute arbitrary code in the context of the vulnerable application.
A vulnerability found in Apple QuickTime Player when handling a crafted TeXML file, it is possible to trigger a stack-based buffer overflow.
This update bypass DEP for Internet Explorer 8 support and for execute the mov file directly in Quicktime player.
This update bypass DEP for Internet Explorer 8 support and for execute the mov file directly in Quicktime player.