6906 matches found
UltraISO Stack Buffer Overflow Vulnerability
UltraISO is popular BIN/ISO editing software that allows direct editing of a wide range of image files. A stack buffer overflow vulnerability exists in UltraISO version 9.6.6.3300. An attacker could exploit this vulnerability to execute arbitrary code in the context of an application or cause a...
gdal: Stack-buffer-overflow in nc4_check_name
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=6380982435315712 Project: gdal Fuzzer: libFuzzergdalmitabtabfuzzer Fuzz target binary: mitabtabfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address:...
gdal: Stack-buffer-overflow in CSLAddNameValue
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=4969921421246464 Project: gdal Fuzzer: libFuzzergdalmrffuzzer Fuzz target binary: mrffuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address:...
Important: Red Hat Security Advisory: qemu-kvm-rhev security, bug fix, and enhancement update
An update for qemu-kvm-rhev is now available for RHEV 4.X RHEV-H and Agents for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
PHP 7.0.x < 7.0.21, 7.1.x < 7.1.7 Multiple Vulnerabilities (Jul 2017) - Linux
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
PHP 7.0.x < 7.0.21, 7.1.x < 7.1.7 Multiple Vulnerabilities (Jul 2017) - Windows
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
ffmpeg: Stack-buffer-overflow in CProgramConfig_LookupElement
Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=6752357788418048 Project: ffmpeg Fuzzer: libFuzzerffmpegAVCODECIDLIBFDKAACfuzzer Fuzz target binary: ffmpegAVCODECIDLIBFDKAACfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linux Crash Type:...
PlugX Controller Stack Buffer Overflow
This module exploits a stack buffer overflow in the PlugX Controller C2 server. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'PlugX Controller Stack Buffer Overflow',...
Devil's Ivy vulnerability(CVE-2017-9765)
When we began a security analysis of remote configuration services last year, we had no idea it would lead us to uncover vulnerabilities that affect so many users. We have been studying the prevalence and nature of the vulnerabilities that arise in remote configuration services, so when we...
Dahua IP cameras Sonia web interface is vulnerable to stack buffer overflow
Overview Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Description CWE-121: Stack-based Buffer Overflow - CVE-2017-3223Dahua IP camera products include an...
CVE-2017-11345
Stack buffer overflow in networkmap in Asuswrt-Merlin firmware for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200, RT-AC3100, RTAC1200GU,...
CVE-2017-11345
CVE-2017-11345 describes a stack buffer overflow in the networkmap component of Asuswrt-Merlin firmware and ASUS firmware for a broad range of ASUS routers (e.g., RT-AC53, RT-AC68U, RT-AC88U, RT-N66U, RT-N12, RT-AC3200, RT-AC3100, etc.). The vulnerability is triggered when a crafted device descri...
PHP < 5.6.28, 7.x < 7.0.13 Multiple Vulnerabilities (Nov 2016) - Windows
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
PHP < 5.6.28, 7.x < 7.0.13 Multiple Vulnerabilities (Nov 2016) - Linux
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
Internet Bug Bounty: PHP INI Parsing Stack Buffer Overflow Vulnerability
Description: A stack buffer overflow exists in the latest stable release of PHP-7.1.5 and PHP-5.6.30 in PHP INI parsing API, which may accept network / local filesystem input. On malformed inputs, a stack buffer overflow in zendinidoop could write 1-byte off a fixed size stack buffer. On...
gdal: Stack-buffer-overflow in void SwapEndianness<long&, unsigned long>
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=4870022369378304 Project: gdal Fuzzer: aflgdalcadfuzzer Fuzz target binary: cadfuzzer Job Type: aflasangdal Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Crash Address: 0x7f85edf6d128 Crash...
Schneider Electric Wonderware ArchestrA Logger Stack Buffer Overflow Vulnerability
Schneider Electric Wonderware ArchestrA Logger is a logger from Schneider Electric France for use on Schneider equipment. A stack buffer overflow vulnerability exists in Schneider Electric Wonderware ArchestrA Logger 2017.426.2307.1 and earlier versions. A remote attacker could exploit the...
CVE-2017-8781
XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted JPEG 2000 file that is mishandled during the opening of a directory in "Browser" mode, because of a "Stack Buffer Overrun" issue...
CVE-2017-8781
XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted JPEG 2000 file that is mishandled during the opening of a directory in "Browser" mode, because of a "Stack Buffer Overrun" issue...
CVE-2017-10745
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun /GS Exception starting at ntdll77df0000!RtlProcessFlsData+0x00000000000000b0."...