This module exploits a stack-based buffer overflow in the MSCOMCTL.OCX control by sending a specially crafted .RTF file.



WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.

The ExceptionDelegator component of the XWork framework, part of the Apache Struts 2 web framework, as shipped with Atlassian FishEye, interprets parameter values as OGNL expressions when handling a type conversion error.

This can be exploited to execute arbitrary code on the vulnerable server by tricking a logged-in user with administrator privileges within the FishEye site into visiting a specially crafted web page.

Unsafe type handling performed by the AtomicReferenceArray class of the Oracle Java Runtime Environment can be abused to cause a type confusion error.

This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.

Microsoft Expression Design is prone to a vulnerability that may allow the execution of any library file named wintab32.dll, if this DLL is located in the same folder as a .DESIGN file.

This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.