Vulnerabilities tagged "desktop"

Remote Code Execution in WinRAR

A fairly simple processing bug in WinRAR resulting in code execution with benign seeming interaction with an archive; unfortunately this one was seen being exploited in the wild to spread malware.

[Chrome] heap-use-after-free in AccountSelectionBubbleView::OnAccountImageFetched

Callbacks can be tricky in memory-unsafe languages, here we have the Chrome Account Selection feature creating an image view and an image fetcher. Sets up a callback function to be called once the account's image has been fetched and passes in the raw pointer to the created image_view, the problem being that the image view may be destroyed before the callback happens.