6105 matches found

BDU FSTEC
added 2020/04/16 12:0 a.m. · 0 views

A vulnerability in the Ultra2 decoder of the VNC client in the UltraVNC remote desktop management software allows an attacker to execute arbitrary code.

The vulnerability in the Ultra2 decoder of the VNC client in the UltraVNC remote desktop management software is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 · EPSS 0.01643
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2020/04/16 12:0 a.m. · 0 views

A vulnerability in the RAW decoder of the VNC client in the UltraVNC remote desktop management software allows an attacker to execute arbitrary code.

The vulnerability in the RAW decoder of the VNC client in the UltraVNC remote desktop management software is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 · EPSS 0.01643
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2020/04/16 12:0 a.m. · 0 views

A vulnerability in the CoRRE decoder of the VNC client in the UltraVNC remote desktop management software allows an attacker to execute arbitrary code.

The vulnerability in the CoRRE decoder of the VNC client in the UltraVNC remote desktop management software is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 · EPSS 0.00985
Exploits: 0 · References: 3 · Affected Software: 1

BDU FSTEC
added 2020/04/16 12:0 a.m. · 1 views

A vulnerability in the Ultra decoder component of the VNC client in the UltraVNC remote desktop management software allows an intruder to execute arbitrary code.

The vulnerability in the Ultra decoder component of the VNC client in the UltraVNC remote desktop management software is related to performing operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVSS 10 · EPSS 0.054
Exploits: 0 · References: 3 · Affected Software: 1

Tenable Nessus
added 2020/04/15 12:0 a.m. · 30 views

EulerOS 2.0 SP3 : giflib (EulerOS-SA-2020-1385)

According to the version of the giflib package installed, the EulerOS installation on the remote host is affected by the following vulnerability: In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by-zero exception in the decoder function DGifSlurp in dgif_lib.c if the height...

CVSS 6.5 · AI score 5.9 · EPSS 0.01274
Exploits: 0 · References: 2

0day.today
added 2020/04/14 12:0 a.m. · 46 views

B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter) Exploit

Exploit Title: B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter); Exploit Author: Andy Bowden; Vendor Homepage: http://4mhz.de/b64dec.html; Software Link: http://4mhz.de/download.php?file=b64dec-1-1-2.zip; Version: Base64 Decoder 1.1.2; Tested on: Windows 10 x86; Instructions: Run the script to...

AI score 0.3
Exploits: 0

Positive Technologies
added 2020/04/14 12:0 a.m. · 2 views

PT-2020-6220 · Industrial Light & Magic +7 · Openexr +7

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 2.4.1
Description: The issue is related to an out-of-bounds read during Huffman uncompression. This can be demonstrated by the FastHufDecoder::refill function in ImfFastHuf.cpp. The exploitation of this issue may all...

CVSS 8.8 · AI score 6.5 · EPSS 0.02756
Exploits: 14 · References: 146

Exploit DB
added 2020/04/14 12:0 a.m. · 192 views

B64dec 1.1.2 - Buffer Overflow (SEH Overflow + EggHunter)

Exploit Title: B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter); Date: 2020-04-13; Exploit Author: Andy Bowden; Vendor Homepage: http://4mhz.de/b64dec.html; Software Link: http://4mhz.de/download.php?file=b64dec-1-1-2.zip; Version: Base64 Decoder 1.1.2; Tested on: Windows 10 x86; Instructions: R...

AI score 7.4
Exploits: 0

Packet Storm
added 2020/04/13 12:0 a.m. · 68 views

B64dec 1.1.2 Buffer Overflow

Exploit Title: B64dec 1.1.2 - Buffer Overflow (SEH Overflow + Egg Hunter); Date: 2020-04-13; Exploit Author: Andy Bowden; Vendor Homepage: http://4mhz.de/b64dec.html; Software Link: http://4mhz.de/download.php?file=b64dec-1-1-2.zip; Version: Base64 Decoder 1.1.2; Tested on: Windows 10 x86; Instructions: R...

AI score 1
Exploits: 0

Veracode
added 2020/04/10 1:7 a.m. · 68 views

Remote Code Execution (RCE)

cups is vulnerable to remote code execution (RCE). The attack exists because of the LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS...

CVSS 5.1 · AI score 3.3 · EPSS 0.07216
Exploits: 0 · References: 34 · Affected Software: 1

Veracode
added 2020/04/10 12:45 a.m. · 51 views

Denial Of Service (DoS)

kernel is vulnerable to denial of service (DoS). The vulnerability exists because a flaw was found in the Memory-mapped I/O (MMIO) instruction decoder in the Xen hypervisor implementation. An unprivileged guest user could use this flaw to trick the hypervisor into emulating a certain instruction, which...

CVSS 2.6 · AI score 4 · EPSS 0.03275
Exploits: 0 · References: 12 · Affected Software: 1

Veracode
added 2020/04/10 12:39 a.m. · 18 views

Denial Of Service (DoS)

GStreamer is vulnerable to denial of service (DoS). Multiple integer overflow flaws that could lead to a buffer overflow were found in the GStreamer Good Plug-ins PNG decoding handler. An attacker could create a specially crafted PNG file that would cause an application using the GStreamer Good Plug-ins librar...

CVSS 6.8 · AI score 4.9 · EPSS 0.08313
Exploits: 1 · References: 15 · Affected Software: 1

Veracode
added 2020/04/10 12:37 a.m. · 29 views

Arbitrary Code Execution

krb5 is vulnerable to arbitrary code execution. An input validation flaw was found in the ASN.1 (Abstract Syntax Notation One) decoder used by MIT Kerberos. A remote attacker could use this flaw to crash a network service using the MIT Kerberos library, such as kadmind or krb5kdc, by causing it to...

CVSS 10 · AI score 4.7 · EPSS 0.50005
Exploits: 0 · References: 53 · Affected Software: 1

Veracode
added 2020/04/10 12:34 a.m. · 25 views

Arbitrary Code Execution

libtiff is vulnerable to arbitrary code execution. The vulnerability exists because multiple uses of uninitialized values were discovered in libtiff's Lempel-Ziv-Welch (LZW) compression algorithm decoder. An attacker could create a carefully crafted LZW-encoded TIFF file that would cause an application...

CVSS 6.8 · AI score 4.2 · EPSS 0.01508
Exploits: 1 · References: 49 · Affected Software: 1

Veracode
added 2020/04/10 12:32 a.m. · 26 views

Denial Of Service (DoS)

xpdf is vulnerable to denial of service (DoS). The vulnerability exists because flaws were found in Xpdf's JBIG2 decoder. An attacker could create a malicious PDF that would cause Xpdf to crash when opened...

CVSS 4.3 · AI score 2.8 · EPSS 0.01703
Exploits: 1 · References: 51 · Affected Software: 5

Positive Technologies
added 2020/04/08 12:0 a.m. · 1 views

PT-2020-6850 · Libraw +3 · Libraw +3

Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified
Description: The issue is related to an out-of-bounds read within the LibRaw::adobe_copy_pixel function when reading data from an image file. This can potentially allow an attacker to cause a denial of...

CVSS 7.8 · AI score 6.4 · EPSS 0.03206
Exploits: 6 · References: 65

CNVD
added 2020/04/03 12:0 a.m. · 1 views

HAProxy Buffer Overflow Vulnerability

HAProxy is an open source TCP/HTTP load balancing server from the French company HAProxy. The server provides layer 4 and layer 7 proxying and can support tens of thousands of connections, with high efficiency, stability and other characteristics. A security vulnerability exists in the...

CVSS 8.8 · AI score 7.8 · EPSS 0.74396
Exploits: 0

Tenable Nessus
added 2020/04/03 12:0 a.m. · 17 views

FreeBSD : HAproxy -- serious vulnerability affecting the HPACK decoder used for HTTP/2 (7f829d44-7509-11ea-b47c-589cfc0f81b0)

The HAproxy Project reports: The main driver for this release is that it contains a fix for a serious vulnerability that was responsibly reported last week by Felix Wilhelm from Google Project Zero, affecting the HPACK decoder used for HTTP/2. CVE-2020-11100 was assigned to this issue. C Tenable...

CVSS 8.8 · AI score 7 · EPSS 0.74396
Exploits: 0 · References: 6

OSV
added 2020/04/02 3:15 p.m. · 1 views

DEBIAN-CVE-2020-11100

In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...

CVSS 8.8 · AI score 8.5 · EPSS 0.74396
Exploits: 0 · References: 1

OSV
added 2020/04/02 3:15 p.m. · 24 views

CVE-2020-11100

In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution...

CVSS 8.8 · AI score 4.8
Exploits: 0 · References: 14