AN-Master google-security-research issues

AN-Master / google-security-research

Automatically exported from code.google.com/p/google-security-research

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

[deleted issue]

#347 GoogleCodeExporter closed 8 years ago
0
[deleted issue]

#346 GoogleCodeExporter closed 8 years ago
0
[deleted issue]

#345 GoogleCodeExporter closed 8 years ago
0
Adobe Flash: SharedObject Destructor Sets data to Normal Type

#344 GoogleCodeExporter closed 8 years ago
4
OS X arbitrary file creation as root due to kextd trusting path components in Distributed Notification messages

#343 GoogleCodeExporter closed 8 years ago
3
Flash AS2 Use After Free while setting TextField.filters

#342 GoogleCodeExporter closed 8 years ago
4
OS X IOKit kernel code execution due to insufficient bounds checking in nvidia GeForce command buffer processing

#341 GoogleCodeExporter closed 8 years ago
3
[deleted issue]

#340 GoogleCodeExporter closed 8 years ago
0
Windows kernel: DeferWindowPos use-after-free

#339 GoogleCodeExporter closed 8 years ago
3
Adobe Flash: Type Confusion in SharedObject.data

#338 GoogleCodeExporter closed 8 years ago
5
FileReferenceList.browse does not check that fileList is a ScriptObject

#337 GoogleCodeExporter closed 8 years ago
5
Adobe Flash: Type Confusion in NetConnection with __proto__

#336 GoogleCodeExporter closed 8 years ago
5
Windows kernel: use-after-free with UserCommitDesktopMemory

#335 GoogleCodeExporter closed 8 years ago
6
OS X IOKit kernel code execution due to use of IOAccelSurface2::convertGLIndexToBufferIndex error code return value as buffer index

#334 GoogleCodeExporter closed 8 years ago
4
OS X IOKit kernel code execution due to lack of bounds checking in IGAccelVideoContextMain::process_token_AllPostProcGVA and patch_vphal_ssh_instance

#333 GoogleCodeExporter closed 8 years ago
3
OS X IOKit kernel code execution due to lack of bounds checking in IGAccelVideoContextMain::process_token_AllPostProcGVA

#332 GoogleCodeExporter closed 8 years ago
4
OS X IOKit kernel code execution due to lack of bounds checking in IGAccelVideoContextMain::process_token_JPEGBLF

#331 GoogleCodeExporter closed 8 years ago
4
Flash: AS2 Use After Free in TextField.filters (again)

#330 GoogleCodeExporter closed 8 years ago
4
OS X IOKit kernel code execution due to lack of bounds checking in IGAccelVideoContextMedia::process_token_JPEGDecode

#329 GoogleCodeExporter closed 8 years ago
4
OS X IOKit kernel code execution due to lack of bounds checking in IGAccelGLContext::BindQueryBufferMultiple

#328 GoogleCodeExporter closed 8 years ago
4
OS X IOKit kernel code execution due to lack of bounds checking in IGAccelVideoContextMain::patch_encoding_common

#327 GoogleCodeExporter closed 8 years ago
5
Flash: Issues in DefineBitsLossless and DefineBitsLossless2 leads to using uninitialized memory while rendering a picture

#326 GoogleCodeExporter closed 8 years ago
4
Windows: DCOM DCE/RPC Local NTLM Reflection Elevation of Privilege

#325 GoogleCodeExporter closed 8 years ago
7
Flash: out-of-bounds write in ShaderParameter resolution

#324 GoogleCodeExporter closed 8 years ago
9
Flash: integer overflow / memory corruption with excessive number of shader input channels

#323 GoogleCodeExporter closed 8 years ago
5
Flash: info leak due to uninitialized registers when executing Shaders

#322 GoogleCodeExporter closed 8 years ago
4
Windows kernel: pool buffer overflow drawing caption bar

#321 GoogleCodeExporter closed 8 years ago
4
Windows kernel: use-after-free in HmgAllocateObjectAttr

#320 GoogleCodeExporter closed 8 years ago
4
Flash: uninitialized memory information leak when shading into a ByteArray

#319 GoogleCodeExporter closed 8 years ago
4
Flash: memory corruption with ShaderJob width and height TOCTOU condition

#318 GoogleCodeExporter closed 8 years ago
4
Microsoft Office WordPerfect Invalid XOR

#317 GoogleCodeExporter closed 8 years ago
1
Flash: Uninitialized stack variable while parsing an MPD file can corrupt memory

#316 GoogleCodeExporter closed 8 years ago
4
Microsoft Office WordPerfect Invalid Copy Destination

#315 GoogleCodeExporter closed 8 years ago
3
OS X privilege escalation due to bad error handling in Install.framework suid helper

#314 GoogleCodeExporter closed 8 years ago
3
Windows kernel: buffer overflow in win32k!vSolidFillRect

#313 GoogleCodeExporter closed 8 years ago
4
Windows kernel: possible NULL pointer dereference of a SURFOBJ

#312 GoogleCodeExporter closed 8 years ago
6
Window kernel: use-after-free in bitmap handling #2

#311 GoogleCodeExporter closed 8 years ago
5
pdfium static out-of-bounds read in CXFA_ItemLayoutProcessor::CalculatePositionedContainerPos

#310 GoogleCodeExporter closed 8 years ago
3
pdfium unmapped memory read (SIGSEGV) crash in CPDF_SampledFunc::v_Call

#309 GoogleCodeExporter closed 8 years ago
3
Microsoft Office 2007 WordPerfect Memory Corruption

#308 GoogleCodeExporter closed 8 years ago
2
pdfium heap-based out-of-bounds read in opj_dwt_decode_1 (libopenjpeg)

#307 GoogleCodeExporter closed 8 years ago
4
Oracle Java Runtime Environment multiple NULL pointer dereferences during TTF/Type1 font rendering

#306 GoogleCodeExporter closed 8 years ago
5
Oracle Java Runtime Environment heap corruption during TTF/Type1 font rendering in sc_FindExtrema4

#305 GoogleCodeExporter closed 8 years ago
6
Windows kernel: Brush object Use-after-free vulnerability

#304 GoogleCodeExporter closed 8 years ago
5
Security: Use After Free in Flash AVSS.setSubscribedTags can cause memory corruption

#303 GoogleCodeExporter closed 8 years ago
4
Security: Flash Player Integer Overflow in Function.apply

#302 GoogleCodeExporter closed 8 years ago
5
Adobe Flash: Normal Check Should Verify that UserData and Destructor are null

#301 GoogleCodeExporter closed 8 years ago
4
Adobe Flash: buffer overflow in Sound.extract()

#300 GoogleCodeExporter closed 8 years ago
5
Oracle Java Runtime Environment heap corruption during TTF font rendering in fnt_IDEF

#299 GoogleCodeExporter closed 8 years ago
7
Oracle Java Runtime Environment heap corruption during TTF font rendering in ag_AnalyzeChar

#298 GoogleCodeExporter closed 8 years ago
6

Previous Next