Webgate WESP SDK WESPMonitor Module is prone to a buffer overflow vulnerability when LoadImage method is invoked with a crafted argument.
This module exploits a double free vulnerability in win32k.sys, allowing an unprivileged local user to cause a BSOD.
This module exploits an integer overflow in Adobe Flash Player. The specific flaw exists within the implementation of casi32. The issue lies in the failure to properly sanitize a user-supplied length value with a specific array implementation. An attacker can leverage this vulnerability to execute code within the context of the current process.
Adobe Flash Player is prone to a use-after-free vulnerability because the ByteArray::UncompressViaZlibVariant method frees an object while leaving a dangling pointer that can be later dereferenced.
This vulnerability allows attackers to execute arbitrary code on vulnerable machines by enticing unsuspecting users to visit a website serving a specially crafted SWF Flash file.
This vulnerability allows attackers to execute arbitrary code on vulnerable machines by enticing unsuspecting users to visit a website serving a specially crafted SWF Flash file.
The specific flaw exists within the 'factory' object's loadExtensionFactory method. The issue lies in a failure to validate the size of an attacker-supplied input before copying it into a fixed-size buffer on the stack. An attacker can leverage this vulnerability to execute code under the context of the current process.
This module exploits a vulnerability in Internet Explorer 10/11 by downgrading the encryption from TLS 1.x to SSLv3.
After that, part of the encrypted text plain will be decrypted.
After that, part of the encrypted text plain will be decrypted.
This module exploits a remote code execution vulnerability in HP Data Protector by sending a specially crafted request
This module exploits a heap-based buffer overflow in Adobe Flash Player. The bug is triggered by calling BitmapData.copyPixelsToByteArray() with a reference to a ByteArray that has its position property set very large, close to 2^32. This results in an integer overflow in 32-bit arithmetic and allows an attacker to take control of the target machine.
This update is to add the exploit in order to attack Drupal core CMS 7.x versions prior to 7.32 using default configuration (CVE-2014-3704).
This module exploits a Integer Overflow vulnerability in the HTTP Server by sending a malformed packet to the 80/TCP port to crash the application.