Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.
A Heap Overflow vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server.
This version improves the detection of the effectiveness in non-vulnerable targets.
This version improves the detection of the effectiveness in non-vulnerable targets.
A Heap Overflow vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server.
The specific flaw exists within the crUnpackTexGendv method. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to crash the VirtualBox process used for open the target.
This module exploits an exceptional condition in "lsasrv.dll" by sending a crafted "Session Setup Request" SMBv1 or SMBv2 packet that is affected during the NTML Auth message.
This module exploits an exceptcional condition in "lsasrv.dll" by sending a crafted "Session Setup Request" SMBv1 or SMBv2 packet that is affected during the NTML Auth message.
The amd64_set_ldt() function in sys/amd64/amd64/sys_machdep.c in the FreeBSD kernel code is prone to an integer signedness error when processing a system call with specially crafted parameters originated from user space.
This issue ultimately leads to a kernel heap overflow, which can be used by unprivileged local attackers to cause a kernel panic and crash the machine.
This issue ultimately leads to a kernel heap overflow, which can be used by unprivileged local attackers to cause a kernel panic and crash the machine.
A vulnerability in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to trigger buffer overflow.
This allows unprivileged local users to cause an invalid dereference in kernel mode, which produces a BSoD.
This allows unprivileged local users to cause an invalid dereference in kernel mode, which produces a BSoD.
This module exploits a double free vulnerability in win32k.sys, allowing an unprivileged local user to cause a BSOD.
This update improves the post exploitation target information to include the CVE.
This update improves the post exploitation target information to include the CVE.