Micro Focus Rumba is prone to buffer overflow when PlayMacro() within WdMacCtl.ocx is used with an overly long MacroName argument.
This vulnerability revolves around an unchecked integer underflow of the size of a record of type 0x3c, producing a heap overflow, within a Workbook stream in an XLS file handled by Ichitaro.
Cisco WebEx extension for Chrome includes an OS command injection vulnerability. This module serves a specially crafted web page using HTTPS. If a vulnerable version of the extension is installed and the web browser connects to Impact's web server, this module will deploys an OS agent.
Use-after-free while manipulating DOM events and removing audio elements due to errors in the handling of node adoption.
This module exploits a "use after free" vulnerability in xul.dll.
The specific flaw exists within the RA.ViewElements.Row.1 ActiveXControl method (PanelDevice.dll). By providing a malicious value to the BackColor property.
The specific flaw exists within the SetDataIntf method of the AxEditGrid control. The control has an untrusted pointer dereference vulnerability because it blindly calls an attacker-supplied memory address.
Microsoft Windows is prone to a stack-based buffer-overflow vulnerability in the Windows Graphics Rendering Engine because the software fails to perform adequate boundary-checks on user-supplied data.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This update improves the exploit reliability.
WARNING: This is an early release module. This is not the final version of this module. It is a pre-released version in order to deliver a module as quickly as possible to our customers that may be useful in some situations. Since this module is not the final version it may contain bugs or have limited functionality and may not have complete or accurate documentation.
This update improves the exploit reliability.
A heap overflow in the ActiveX control qp2.cab in IBM Lotus Quickr for Domino allows remote attackers to execute arbitrary code via a crafted argument to the Attachment_Names method.
This update reduces user interaction, automating the focus of the mouse in the created window object.
This update reduces user interaction, automating the focus of the mouse in the created window object.
Internet Explorer is prone to a use-after-free vulnerability when trying to access the ArrayBuffer that was backing a Typed Array after it has been detached by transferring it to a Web Worker by calling the postMessage() function.
This vulnerability can be abused by an attacker to execute arbitrary code on systems running vulnerable versions of Internet Explorer.
This vulnerability can be abused by an attacker to execute arbitrary code on systems running vulnerable versions of Internet Explorer.