6907 matches found
CVE-2017-1000249
An issue in file was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 Oct 2016 lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 Aug 2017...
CVE-2017-1000249
CVE-2017-1000249 affects the file utility: a stack-based overflow in the file() handling lets an attacker overwrite a fixed 20-byte stack buffer via a specially crafted .notes section in an ELF binary. The issue originates from a code path in file; multiple advisories (Fedora, Gentoo GLSA, Amazon...
openthread: Stack-buffer-overflow in ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId
Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=4750024565063680 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type:...
file stack buffer overflow vulnerability
file is a set of tools maintained by software developer Christos Zoulas for viewing file formats on Unix-like systems. A security vulnerability exists in file versions 5.29, 5.30, and 5.31. An attacker could exploit this vulnerability to cause a denial of service...
PlugX Controller Stack Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'PlugX Controller Stack Overflow', 'Description' = %q This module exploits a Stack buffer overflow in the PlugX Controller C2 server...
openthread: Stack-buffer-overflow in ot::Tlv::GetNext
Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=6361422072119296 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type:...
openthread: Stack-buffer-overflow in ot::NetworkData::Leader::AddHasRoute
Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5225417852059648 Project: openthread Fuzzer: aflopenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow...
CVE-2017-14122
unrar 0.0.1 aka unrar-free or unrar-gpl suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp...
openthread: Stack-buffer-overflow in ot::MeshCoP::DatasetManager::Set
Detailed report: https://oss-fuzz.com/testcase?key=5249360952557568 Project: openthread Fuzzer: libFuzzeropenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type: Stack-buffer-overflow READ 12 Crash...
openthread: Stack-buffer-overflow in ot::NetworkData::HasRouteEntry::GetRloc
Detailed report: https://oss-fuzz.com/testcase?key=4983359669272576 Project: openthread Fuzzer: libFuzzeropenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type: Stack-buffer-overflow READ 2 Crash...
OpenJPEG Stack Buffer Overflow Vulnerability
OpenJPEG is a C-based open source JPEG 2000 codec . A stack buffer overflow vulnerability exists in the 'pgxtoimage' function in the bin/jp2/convert.c file in OpenJPEG version 2.2.0. A remote attacker could exploit this vulnerability to cause a denial of service or possibly execute code write...
Advantech WebAccess Stack Buffer Overflow Vulnerability
Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A stack buffer overflow vulnerability exists in Advantech...
Delta Industrial Automation PMSoft Stack Buffer Overflow Vulnerability (CNVD-2017-228255)
Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A stack buffer overflow vulnerability exists in the parsing of information from a TTreeView object in a ppm project file...
Delta Industrial Automation WPLSoft Stack Buffer Overflow Vulnerability
Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A stack buffer overflow vulnerability exists in Delta Industrial Automation WPLSoft. Due to a failure to properly validate...
NoviFlow NoviWare and NoviSwitch Device Stack Buffer Overflow Vulnerability
NoviFlow NoviWare and NoviSwitch devices are both products of NoviFlow Canada.NoviSwitch devices are a series of switching devices.NoviWare is the switching software used in... A stack buffer overflow vulnerability exists in the Network interface of the cliengine and noviengine services in NoviFl...
fuchsia_fidl: Stack-buffer-overflow in fidl::StringView::operator<
Detailed report: https://oss-fuzz.com/testcase?key=5376132784324608 Project: fuchsiafidl Fuzzer: libFuzzerfuchsiafidlfuzzer Fuzz target binary: fuchsiafidlfuzzer Job Type: libfuzzerubsanfuchsiafidl Platform Id: linux Crash Type: Stack-buffer-overflow READ 2 Crash Address: 0x7ffd4d8165d8 Crash...
Stack overflow
Stack buffer overflow in httpd in Asuswrt-Merlin firmware 380.670RT-AC5300 and earlier for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200,...
CVE-2017-12754
The CVE-2017-12754 entry describes a stack buffer overflow in the httpd component of Asuswrt-Merlin firmware (notably 380.67_0RT-AC5300 and earlier) across numerous ASUS router models. A remote attacker can trigger arbitrary code execution by sending a crafted HTTP GET request containing a long d...
HP Data Protector Software Stack Buffer Overflow Vulnerability
HP Data Protector Software is a suite of unified data protection solutions from Hewlett-Packard HP in the United States. The solution protects data across all physical and virtual environments by utilizing an intelligent data management approach that provides three-party application source, stand...
Eaton ELCSoft ELCSimulator Stack Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Eaton ELCSoft. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of network TCP requests by ELCSimulator.exe. A crafted request will cause...