VX Search Enterprise GET Buffer Overflow

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86. Source: VX Search Enterprise GET Buffer […]

MacOS Raw Frame Pointers In Stackshot

This is an issue on MacOS that allows un-entitled root to read kernel frame pointers, which might be useful in combination with a kernel memory corruption bug. Source: MacOS Raw Frame Pointers In Stackshot

LG OGMParser::VerifyVorbisHeader Uninitialized Pointer

LG has an issue where a malformed OGM file can cause the use of an uninitialized pointer during Vorbis header verification – vorbis_info_clear is called on a vorbis_info structure that has not previously been initialised by a call to vorbis_info_init. Source: LG OGMParser::VerifyVorbisHeader Uninitialized Pointer