Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

CVE-2017-11882 43b 原脚本来自于 https://github.com/embedi/CVE-2017-11882 109b 原脚本来自于 https://github.com/unamer/CVE-2017-11882/ （膜一波，现在unamer的代码已经可以执行shellcode了） CVE-2017-11882: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ MITRE CVE-2017-11882: https://vulners.com/cve/CVE-2017-118...

The vulnerability of the V8 component in the Google Chrome browser allows attackers to disclose protected information.

The vulnerability of the V8 component in the Google Chrome browser is related to reading beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information using a specially created PDF file...

The vulnerability of the Firefox browser arises from an operation that goes beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Firefox browser arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Firefox browser arises from an operation that goes beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Firefox browser arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Moxa AWK-3121

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit/public exploits available Vendor: Moxa Equipment: AWK-3121 Vulnerabilities: Cleartext Transmission of Sensitive Information, Improper Access Control, Sensitive Cookie without ‘HTTPONLY’ Flag, Improper...

The vulnerability of the Dirac and Schrodinger codecs in the VideoLAN VLC media player software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the Dirac and Schrodinger codecs in the VideoLAN VLC media player software lies in the fact that the operation results are stored outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause system failures...

The vulnerability of the VideoLAN VLC media player lies in the fact that operations are performed outside the buffer in memory, allowing an attacker to execute arbitrary code or cause a service failure.

The vulnerability of the VideoLAN VLC media player lies in the fact that the operation data is stored outside of the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure by using a specially created .3GP file...

Siemens Simatic Improper Restriction of Operations within the Bounds of a Memory Buffer

Siemens SIMATIC S7-400 PN CPU devices with firmware 5.x allow remote attackers to cause a denial of service defect-mode transition and service outage via 1 malformed HTTP traffic or 2 malformed IP packets. File data ot500212.nasl...

Rockwellautomation Ethernet\/ip Improper Restriction of Operations within the Bounds of a Memory Buffer

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB communication modules; CompactLogix L32E and L35E controllers; 1788-ENBT FLEXLogix adapter; 1794-AENTR FLEX I/O EtherNet/IP adapter; ControlLogix 18 and earlier; CompactLogix 18 and earlier; GuardLogix 18 and...

Siemens Simatic Improper Restriction of Operations within the Bounds of a Memory Buffer

Siemens SIMATIC S7-1200 PLCs 2.x and 3.x allow remote attackers to cause a denial of service defect-mode transition and control outage via crafted packets to UDP port 161 aka the SNMP port. File data ot500144.nasl...

Cisco Ios Improper Restriction of Operations within the Bounds of a Memory Buffer

Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated...

Rockwellautomation 1766-l32bxba Improper Restriction of Operations within the Bounds of a Memory Buffer

A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. File data ot500213.nasl...

Schneider-electric Modicon Improper Restriction of Operations within the Bounds of a Memory Buffer

DISPUTED The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service resource consumption via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attacker could not remotely exploit this observed behavio...

Rockwellautomation Micrologix Improper Restriction of Operations within the Bounds of a Memory Buffer

Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow remote attackers to cause a denial of service memory corruption and device crash via a crafted HTTP request. File data ot500089.nasl...

Rockwellautomation Micrologix Improper Restriction of Operations within the Bounds of a Memory Buffer

Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary code via unspecified vectors. File data ot500134.nasl...

Yokogawa Centum Improper Restriction of Operations within the Bounds of a Memory Buffer

Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet. File data ot500127.nasl...

Schneider-electric Concept Improper Restriction of Operations within the Bounds of a Memory Buffer

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header. File data ot500029.nasl...

Windriver Vxworks Improper Restriction of Operations within the Bounds of a Memory Buffer

Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component issue 3 of 4. This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect to a remote host. File data ot500203.nasl...

Windriver Vxworks Improper Restriction of Operations within the Bounds of a Memory Buffer

Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 component. There is an IPNET security vulnerability: Stack overflow in the parsing of IPv4 packets’ IP options. File data ot500279.nasl...

Rockwellautomation Rslogix Improper Restriction of Operations within the Bounds of a Memory Buffer

RnaUtility.dll in RsvcHost.exe 2.30.0.23 in Rockwell RSLogix 19 and earlier allows remote attackers to cause a denial of service crash via a crafted rna packet with a long string to TCP port 4446 that triggers 1 "a memset zero overflow" or 2 an out-of-bounds read, related to improper handling of ...