PHP 7.0.0 - Format String
Exploit for multiple platform in category dos / poc. Overview: A fun little format string vulnerability exists in PHP 7.0.0 due to how non-existent class names are handled. From my limited research I believe this issue is likely exploitable for full code...
PHP 7.0.0 - Format String
PHP 7.0.0 - Format String. Overview: A fun little format string vulnerability exists in PHP 7.0.0 due to how non-existent class names are handled. From my limited research I believe this issue is likely exploitable for full code execution see test script...
Internet Bug Bounty: Format string vulnerability in zend_throw_or_error()
Reference: https://bugs.php.net/bug.php?id=71105 http://www.php.net/ChangeLog-7.php#7.0.1 Description: A format string vulnerability exists in PHP-7.0.0 due to how non-existent class names are handled. From my limited research I believe this issue is exploitable for full...
PHP 7.0.x < 7.0.1 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.1. It is, therefore, affected by multiple vulnerabilities: - A use-after-free error exists in the collator_sort_with_sort_keys() function due to improper clearing of pointers when destroying an array. An...
Up.time agent for Windows contains multiple vulnerabilities
Overview: The Up.time client for Windows is vulnerable to a format string attack as well as a buffer overflow, and may allow unauthenticated users to perform certain commands. Description: CWE-134: Uncontrolled Format String - CVE-2015-2894. For version 6.0 and 7.2, an unauthenticated attacker on th...
FreeBSD : a2ps -- format string vulnerability (e359051d-90bd-11e5-bd18-002590263bf5)
Jong-Gwon Kim reports: When user runs a2ps with malicious crafted proa2ps prologue file, an attacker can execute arbitrary code. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database: Copyright...
Mageia: Security Advisory (MGASA-2015-0453)
The remote host is missing an update for the...
MGASA-2015-0453 Updated latex2rtf packages fix security vulnerability
A format string vulnerability was found in CmdKeywords function when processing \keywords command in tex file. When the user runs latex2rtf with malicious crafted tex file, an attacker can execute arbitrary code. The variable 'keywords' in the function CmdKeywords may hold a malicious input strin...
Updated latex2rtf packages fix security vulnerability
A format string vulnerability was found in CmdKeywords function when processing \keywords command in tex file. When the user runs latex2rtf with malicious crafted tex file, an attacker can execute arbitrary code. The variable 'keywords' in the function CmdKeywords may hold a malicious input strin...
a2ps -- format string vulnerability
Jong-Gwon Kim reports: When user runs a2ps with malicious crafted proa2ps prologue file, an attacker can execute arbitrary code...
Internet Bug Bounty: zend_throw_or_error() format string vulnerability
https://bugs.php.net/bug.php?id=70914...
CVE-2001-0187
Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment...
CVE-2006-6105
Format string vulnerability in the host chooser window (gdmchooser) in GNOME Foundation Display Manager (gdm) allows local users to execute arbitrary code via format string specifiers in a hostname, which are used in an error dialog...
CVE-2006-0743
Format string vulnerability in LocalSyslogAppender in Apache log4net 1.2.9 might allow remote attackers to cause a denial of service (memory corruption and termination) via unknown vectors...
CVE-2007-0454
Format string vulnerability in the afsacl.so VFS module in Samba 3.0.6 through 3.0.23d allows context-dependent attackers to execute arbitrary code via format string specifiers in a filename on an AFS file system, which is not properly handled during Windows ACL mapping...
A vulnerability in Kaspersky Anti-Virus allows an attacker to trigger a service failure or execute arbitrary code.
The vulnerability in Kaspersky Anti-Virus lies in the insufficient processing of a specific format string, which leads to buffer overflows. Exploiting this vulnerability can allow an attacker to cause service interruptions or execute arbitrary code using DEX files during the antivirus software’s...
Cisco Email Security Appliance Format String Vulnerability
Cisco Email Security Appliance contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service condition.
Oracle: Security Advisory (ELSA-2007-0721)
The remote host is missing an update for the...
Oracle: Security Advisory (ELSA-2010-0362)
The remote host is missing an update for the...
CVE-2015-6285
Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service (memory overwrite or service outage) via format string specifiers in an HTTP request, aka Bug ID CSCug21497...