Softpedia
 


Stories about: buffer overflow


ABB Refuses to Patch Vulnerabilities in Legacy Systems

Researchers Terry McCorke and Billy Rios identified a buffer overflow flaw in a number of components of the ABB WebWare Server applications that are currently being used in many legacy ABB products. However, because they’re approaching the end of their life cycle, the company revealed that no patches should be ...

5 April 2012
07:46 GMT

Stack and Heap Overflow Vulnerabilities Fixed in VLC 2.0.1

VLC 2.0.1 was released not only to address functionality bugs, but also a couple of security holes that may have been exploited by an attacker to execute arbitrary code. All previous versions of the popular media player were affected by a stack overflow vulnerability present in the MMS access plug-in (libaccess_mms_...

19 March 2012
11:32 GMT

Runtime and Compiler Mitigations to Defend IE 10 from Attacks

Since hackers started targeting computers via the web browser and its add-ons, Microsoft fitted Internet Explorer (IE) 10 with some sophisticated mechanisms to ensure that memory-related vulnerabilities were impossible, or highly difficult, to exploit. Web browsers are usually targeted with buffer overflow attacks or...

13 March 2012
11:40 GMT

Video PoC: Buffer Overflow Flaw in GOM Player 2.1.37

Georgian security expert Ucha Gobejishvili, a member of the Vulnerability Laboratory Research Team, identified a serious buffer overflow vulnerability in the latest version of the popular GOM Player. The high severity flaw can be locally and remotely exploited by an attacker who opens, or convinces the victim to ope...

12 March 2012
04:34 GMT

Video PoC: Buffer Overflow Flaw in Yahoo Messenger

Vulnerability Lab researchers released a proof-of-concept video to reveal a buffer overflow issue present in Yahoo Messenger, the popular instant messaging client. The high severity security hole was identified by Manideep, also known as z3r0 erR0R, who proved that when users try to send an image file on chat rooms ...

11 February 2012
07:13 GMT

Siemens FactoryLink Flaws Allow Hackers to Execute Arbitrary Code

Buffer overflow and data corruption vulnerabilities were discovered by Kuang-Chun Hung, a researcher at Taiwan’s Information and Communication Security Technology Center (ICST), in Siemens’ Tecnomatix FactoryLink application, used to develop things such as human-machine interface systems. The flaws that...

10 January 2012
06:13 GMT

Winamp 5.623 Comes with Three Security Fixes

Nullsoft, the developers of Winamp, the popular media player, released a version of the application (Winamp 5.623) that not only fixes several bugs, but also three important security vulnerabilities that could have allowed a hacker to take over the users’ devices. Security specialists from Secunia state that an inte...

13 December 2011
04:25 GMT

VLC 1.1.9 Fixes Critical Security Flaws

The VideoLAN Organization has released version 1.1.9 of VLC media player in order to address two critical vulnerabilities that could be exploited by potential attackers to execute arbitrary code remotely. One of the flaws fixed in VLC 1.1.9 was disclosed last Saturday and is located in the MP4 demultiplexer, the plu...

13 April 2011
10:24 GMT

VLC Media Player Affected by Zero-Day Vulnerability

A critical zero-day vulnerability has been discovered in VLC media player and can potentially be exploited to execute arbitrary code on a user's system. The flaw is located in libmodplug, a third-party library used to load and render music module files in multiple formats including .669, .amf, .ams, .dbm, .dmf, ....

8 April 2011
07:59 GMT

Critical Vulnerability Identified in VLC Media Player

The VideoLAN Project warns about a critical buffer overflow vulnerability in VLC media player which can be exploited to execute arbitrary code remotely. The vulnerability was confirmed in VLC media player 1.1.5, the latest stable version, but previous releases could also be affected. The bug is located in the Real demu...

4 January 2011
05:25 GMT

ProFTPD Plugs Critical Hole That Led to Backdoored Source Code

A zero-day vulnerability which allowed attackers to install a backdoor in the ProFTPD source code packages last month has been patched in the newly released 1.3.3d version. ProFTPD is one of the most popular open source FTP server implementations. It is designed to run on most *NIX flavored operating systems, such as ...

21 December 2010
12:30 GMT

Critical Remote Code Execution Vulnerability Fixed in ProFTPD

A critical buffer overflow vulnerability, which allows attackers to execute arbitrary code from a remote location, was patched in the newly released ProFTPD 1.3.3c version. The vulnerability was reported through TippingPoint's Zero Day Initiative (ZDI) program, which pays security researchers for zero-day flaws. A...

2 November 2010
11:11 GMT

Critical Arbitrary Code Execution Vulnerability Identified in Samba

Version 3.5.5 of the Samba Windows-Unix interoperability software suite was released in order to address a critical vulnerability that could be exploited to execute arbitrary code. The vulnerability, which is identified as CVE-2010-3069 and affects all previous Samba versions, leads to a buffer overflow condition an...

14 September 2010
12:25 GMT

Highly Critical Vulnerability Found in QuickTime

A highly critical remote code execution vulnerability has been discovered in the latest version of QuickTime for Windows. Secunia reports that the flaw can be exploited by tricking users into viewing a maliciously crafted Web page. According to an advisory published by the Danish vulnerability intelligence vendor, a f...

28 July 2010
13:38 GMT

Newly Reported Firefox 3.5.1 Vulnerability Not Exploitable

Several vulnerability research organizations have reported a remote stack buffer overflow vulnerability in the newly released Firefox 3.5.1 version. Mozilla dismisses claims that this bug can be exploited to compromise computers and says that its impact is only limited to a denial of service condition. Just a day be...

20 July 2009
04:07 GMT

Exploit for Foxit Reader Flaw Released

Several serious vulnerabilities affecting the Adobe Reader alternative, developed by Foxit Software, have been recently disclosed. Security professionals now warn that proof-of-concept (PoC) exploit code for one of the more critical ones has also been made available and could be used in future attacks. On 9 March, F...

13 March 2009
10:06 GMT

Vista SP1 TCP/IP Buffer Overflow Vulnerability Overwrites Kernel Memory

At the end of October 2008 Microsoft was informed of a new vulnerability affecting the core of Windows Vista, but a fix was not delivered along with the November security bulletins. Thomas Unterleitner, from phion AG, informed that the Microsoft VISTA TCP/IP stack buffer overflow security flaw affected both 32-bit an...

24 November 2008
06:35 GMT

Adobe Reader and Acrobat 8 Plagued by Remote Code Execution Vulnerabilities

Adobe has announced the existence of no less than five local and remote code execution vulnerabilities in the 8.1.2 and earlier versions of Adobe Reader and Acrobat. Security patches have been released for all of them along with an advisory, which also includes a privilege escalation and a denial of service vulnerabi...

5 November 2008
08:08 GMT

A Buffer Overflow Vulnerability Affects the Most Popular IRC Client

A remotely exploitable buffer overflow vulnerability that can allow remote code execution has been identified in the latest version of mIRC (6.34). The vulnerability is not patched yet and users are advised to be cautious when connecting to IRC servers or opening irc:// links. Secunia released a security advisory rega...

3 October 2008
10:55 GMT

New Threat for Critical Infrastructure Systems

C4 Security has released an advisory describing a buffer overflow vulnerability in the ABB PCU400 software that is used as a communication interface between SCADA (Supervisory Control And Data Acquisition) servers and remote terminal units on the network. This specific product is known to be used for controlling crit...

26 September 2008
04:56 GMT

