VX Search Enterprise GET Buffer Overflow

This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86. Source: VX Search Enterprise GET Buffer […]

MacOS Raw Frame Pointers In Stackshot

This is an issue on MacOS that allows un-entitled root to read kernel frame pointers, which might be useful in combination with a kernel memory corruption bug. Source: MacOS Raw Frame Pointers In Stackshot

LG OGMParser::VerifyVorbisHeader Uninitialized Pointer

LG has an issue where a malformed OGM file can cause the use of an uninitialized pointer during Vorbis header verification – vorbis_info_clear is called on a vorbis_info structure that has not previously been initialised by a call to vorbis_info_init. Source: LG OGMParser::VerifyVorbisHeader Uninitialized Pointer

VMWare Workstation On Linux Privilege Escalation

This vulnerability permits an unprivileged user on a Linux machine on which VMWare Workstation is installed to gain root privileges. The issue is that, for VMs with audio, the privileged VM host process loads libasound, which parses ALSA configuration files, including one at ~/.asoundrc. libasound is not designed to run in a setuid context and […]