VegarLH google-security-research issues

VegarLH / google-security-research

Automatically exported from code.google.com/p/google-security-research

0 stars 0 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Windows Kernel win32k.sys TTF font processing: out-of-bounds pool write in win32k!fsc_BLTHoriz

#402 GoogleCodeExporter closed 9 years ago
5
Windows Kernel win32k.sys TTF font processing: out-of-bounds pool memory access in win32k!fsc_RemoveDups

#401 GoogleCodeExporter closed 9 years ago
5
Flash: wild pointer crash in XML handling

#400 GoogleCodeExporter closed 9 years ago
6
Flash: wild pointer in button handling

#399 GoogleCodeExporter closed 9 years ago
4
Flash: bad dereference at 0x23c on Linux x64

#398 GoogleCodeExporter closed 9 years ago
4
Flash: wild pointer crash after continuing slow script

#397 GoogleCodeExporter closed 9 years ago
3
Flash: wild pointer crash in drawing and bitmap handling

#396 GoogleCodeExporter closed 9 years ago
3
Heap overflow in QEMU PCNET driver allowing targeted control of host RIP from guest

#395 GoogleCodeExporter closed 9 years ago
1
OS X HFS_EXTEND_FS sysctl discloses uninitialized kernel stack memory to userspace

#394 GoogleCodeExporter closed 9 years ago
4
[deleted issue]

#393 GoogleCodeExporter closed 9 years ago
0
Windows Kernel ATMFD.DLL out-of-bounds read due to malformed FDSelect offset in the CFF table

#392 GoogleCodeExporter closed 9 years ago
6
Adobe Flash: Use-after-free in attachMovie

#391 GoogleCodeExporter closed 9 years ago
5
Kernel ASLR leak in win32k!zzzHideCursorNoCapture (via NtUserCallNoParam)

#390 GoogleCodeExporter closed 9 years ago
5
Adobe Flash: Use-after-free when calling setMask

#389 GoogleCodeExporter closed 9 years ago
4
Adobe Flash: Use-after-free in Drawing Methods this

#388 GoogleCodeExporter closed 9 years ago
4
Microsoft Office 2007 and 2010 use after free vulnerability

#387 GoogleCodeExporter closed 9 years ago
4
Windows Kernel ATMFD.DLL out-of-bounds read due to malformed Name INDEX in the CFF table

#386 GoogleCodeExporter closed 9 years ago
6
Windows Kernel ATMFD.DLL write to uninitialized address due to malformed CFF table

#385 GoogleCodeExporter closed 9 years ago
5
Windows Kernel ATMFD.DLL invalid memory access due to malformed CFF table (ATMFD+0x3440b / ATMFD+0x3440e)

#384 GoogleCodeExporter closed 9 years ago
6
Windows Kernel ATMFD.DLL invalid memory access due to malformed CFF table (ATMFD+0x34072 / ATMFD+0x3407b)

#383 GoogleCodeExporter closed 9 years ago
7
Windows Kernel ATMFD.DLL out-of-bounds reads from the input CharString stream

#382 GoogleCodeExporter closed 9 years ago
5
Adobe Flash: Use-after-free in tabIndex setter

#381 GoogleCodeExporter closed 9 years ago
5
Adobe Flash: Use-after-free in scale9Grid

#380 GoogleCodeExporter closed 9 years ago
5
Microsoft Office 2007: object vtable memory corruption

#379 GoogleCodeExporter closed 9 years ago
4
Flash: out-of-bounds read in UTF conversion

#378 GoogleCodeExporter closed 9 years ago
4
Flash AS2 Use After Free in DisplacementMapFilter.mapBitmap (#2)

#377 GoogleCodeExporter closed 9 years ago
4
Android media sonivox XMF heap corruption

#376 GoogleCodeExporter closed 9 years ago
1
Flash: uninitialized memory information leak when shading into a ByteArray (#2)

#375 GoogleCodeExporter closed 9 years ago
5
Adobe Flash: Array.sort can go out of bounds

#374 GoogleCodeExporter closed 9 years ago
4
[deleted issue]

#373 GoogleCodeExporter closed 9 years ago
0
Adobe Flash: Use-after-free in Array.unshift

#372 GoogleCodeExporter closed 9 years ago
4
Adobe Flash: Use-after-free in Array.push

#371 GoogleCodeExporter closed 9 years ago
4
Windows Kernel win32k.sys TTF font processing: pool-based buffer overflow in win32k!scl_ApplyTranslation

#370 GoogleCodeExporter closed 9 years ago
8
Windows Kernel ATMFD.DLL OTF font processing: pool-based buffer overflow with malformed GPOS table

#369 GoogleCodeExporter closed 9 years ago
3
Windows Kernel win32k.sys TTF font processing: pool-based buffer overflow in the IUP[] program instruction

#368 GoogleCodeExporter closed 9 years ago
5
Flash UAF with Color.setRGB in AS2

#367 GoogleCodeExporter closed 9 years ago
4
Adobe Flash: Use-after-free when printing XML Attributes

#366 GoogleCodeExporter closed 9 years ago
4
Adobe Flash: Use-after-free in XML.childNodes

#365 GoogleCodeExporter closed 9 years ago
4
Chrome heap overflow in CertificateResourceHandler

#364 GoogleCodeExporter closed 9 years ago
5
Adobe Flash out-of-bounds memory read while parsing a mutated TTF file embedded in SWF

#363 GoogleCodeExporter closed 9 years ago
6
Adobe Flash out-of-bounds memory read while parsing a mutated SWF file

#362 GoogleCodeExporter closed 9 years ago
5
Adobe Flash out-of-bounds memory read while parsing a mutated SWF file

#361 GoogleCodeExporter closed 9 years ago
5
Adobe Flash: Use-after-free when setting value

#360 GoogleCodeExporter closed 9 years ago
4
Flash UAF with MovieClip.scrollRect in AS2

#359 GoogleCodeExporter closed 9 years ago
4
Flash AS2 Use After Free in DisplacementMapFilter.mapBitmap

#358 GoogleCodeExporter closed 9 years ago
3
Adobe Flash: Use-after-free when setting internal number

#357 GoogleCodeExporter closed 9 years ago
5
Use-after-free when setting internal boolean

#356 GoogleCodeExporter closed 9 years ago
5
Adobe Flash: Use-after-free when setting variable

#355 GoogleCodeExporter closed 9 years ago
5
Flash: Boundless Tunes - universal SOP bypass through ActionSctipt's Sound object

#354 GoogleCodeExporter closed 9 years ago
4
OS X kextd bad path checking and toctou allow a regular user to load an unsigned kernel extension

#353 GoogleCodeExporter closed 9 years ago
4

Previous Next