Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2016-8385
HistoryFeb 27, 2017 - 9:59 p.m.

Stack overflow

2017-02-2721:59:00
PRIOn knowledge base
www.prio-n.com
1

8.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON

An exploitable uninitialized variable vulnerability which leads to a stack-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF to XML a stack variable will be left uninitialized which will later be used to fetch a length that is used in a copy operation. In most cases this will allow an aggressor to write outside the bounds of a stack buffer which is used to contain colors. This can lead to code execution under the context of the account running the tool.

CPENameOperatorVersion
arguseq6.6.04

Related

cvelist 1
talos 1
cve 1
nvd 1
seebug 1
cvelist
cvelist
CVE-2016-8385
2017-02-27 21:00:00
talos
talos
Iceni Argus PDF Uninitialized WordStyle Color Length Code Execution Vulnerability
2017-02-27 00:00:00
cve
cve
CVE-2016-8385
2017-02-27 21:59:00
nvd
nvd
CVE-2016-8385
2017-02-27 21:59:00
seebug
seebug
Iceni Argus PDF Uninitialized WordStyle Color Length Code Execution Vulnerability(CVE-2016-8385)
2017-09-20 00:00:00

8.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.3%

JSON
Related for PRION:CVE-2016-8385
cvelist1talos1cve1nvd1seebug1