Scientific Linux Security Update : cups on SL7.x x86_64 (20201001)

Security Fixes : - cups: DNS rebinding attacks via incorrect whitelist CVE-2017-18190 - cups: stack-buffer-overflow in libcups's asn1gettype function CVE-2019-8675 - cups: stack-buffer-overflow in libcups's asn1getpacked function CVE-2019-8696 C Tenable Network Security, Inc. The descriptive text...

cups security update

CentOS Errata and Security Advisory CESA-2020:3864 An update for cups is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CentOS 7 : cups (RHSA-2020:3864)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3864 advisory. - A localhost.localdomain whitelist entry in validhost in scheduler/client.c in CUPS before 2.2.2 allows remote attackers to execute arbitrary IPP...

Microsoft Office Word 2003+2007+2010 Universal 0day Exploit

This module targets Office 2003 no-SP/SP1/SP2/SP3 + 2007 no-SP/SP/SP2/SP3 + Office 2010 no-SP/SP1 versions. This module exploits a stack buffer overflow in SCOMCTL.OCX. It uses a malicious RTF to embed the specially crafted MSComctlLib.ListViewCtrl.2 Control as exploited in the wild on April 2012...

CVE-2020-1664

A stack buffer overflow vulnerability in the device control daemon DCD on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service DoS against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17....

Stack overflow

A stack buffer overflow vulnerability in the device control daemon DCD on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service DoS against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17....

CVE-2020-1664

CVE-2020-1664 documents a stack buffer overflow in Juniper Networks Junos OS device control daemon (DCD). The issue allows a low-privilege local user to cause a DoS or execute arbitrary code with root privileges. Affected products include Junos OS versions listed in the CVE (e.g., 17.3 through 20...

ffmpeg:ffmpeg_dem_VIVIDAS_fuzzer: Stack-buffer-overflow in get_bits

Project: https://git.ffmpeg.org/ffmpeg.git Detailed Report: https://oss-fuzz.com/testcase?key=5721057325219840 Project: ffmpeg Fuzzing Engine: libFuzzer Fuzz Target: ffmpegdemVIVIDASfuzzer Job Type: libfuzzerasanffmpeg Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Crash Address:...

Fix of 227 CVE

Fix bug 69720: Null pointer dereference in phargetfpoffset - Fix bug 70728: Type Confusion Vulnerability in PHPtoXMLRPCworker - Fix bug 70661: Use After Free Vulnerability in WDDX Packet Deserialization - Fix bug 70741: Session WDDX Packet Deserialization Type Confusion Vulnerability - Fix bug...

OSV-2020-2054 Stack-buffer-overflow in void put_epel_hv_fallback<unsigned short>

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26280 Crash type: Stack-buffer-overflow READ 2 Crash state: void putepelhvfallback accelerationfunctions::puthevcepelh void mcchroma...

OSV-2020-2014 Stack-buffer-overflow in flb_sds_cat

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26237 Crash type: Stack-buffer-overflow READ Crash state: flbsdscat flbmsgpackgelfvalue flbmsgpacktogelf...

Oracle Linux 7 : tigervnc (ELSA-2020-3875)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3875 advisory. 1.8.0-21 - Add upstream patch needed because of previous security fixes Resolves: bz1826822 1.8.0-20 - Fix stack buffer overflow in...

libreoffice:sftfuzzer: Stack-buffer-overflow in ParseCMAP

Project: git://anongit.freedesktop.org/libreoffice/core Detailed Report: https://oss-fuzz.com/testcase?key=4859879712620544 Project: libreoffice Fuzzing Engine: afl Fuzz Target: sftfuzzer Job Type: aflasanlibreoffice Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address:...

OSV-2020-1981 Stack-buffer-overflow in fuzz_reader_transmit

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26103 Crash type: Stack-buffer-overflow WRITE Crash state: fuzzreadertransmit scsingletransmit sctransmit...

opensc:fuzz_pkcs15_reader: Stack-buffer-overflow in fuzz_reader_transmit

Project: https://github.com/OpenSC/OpenSC.git Detailed Report: https://oss-fuzz.com/testcase?key=5085716578828288 Project: opensc Fuzzing Engine: libFuzzer Fuzz Target: fuzzpkcs15reader Job Type: libfuzzerasanopensc Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address:...

Sony IPELA Network Camera 1.82.01 - &#039;ftpclient.cgi&#039; Remote Stack Buffer Overflow

Exploit Title: Sony IPELA Network Camera 1.82.01 - 'ftpclient.cgi' Remote Stack Buffer Overflow Google Dork: Server: Mida eFramework Date: 2020-09-30 Exploit Author: LiquidWorm Vendor Homepage: https://pro.sony Version: = 1.82.01 !/usr/bin/env python Sony IPELA Network Camera ftpclient.cgi Remote...

Sony IPELA Network Camera (ftpclient.cgi) Remote Stack Buffer Overflow

Summary IPELA is Sony's vision of the ultimate workplace, designed to revolutionize the way business communicates over global IP networks. IPELA products can improve the efficiency of your organization by connecting people and places with high-quality audio and video. The SNC-DH120T is an indoor...

cups: stack-buffer-overflow in libcups's asn1_get_packed function

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code...

Moderate: Red Hat Security Advisory: cups security and bug fix update

An update for cups is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

OSV-2020-1860 Stack-buffer-overflow in sc_get_response

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25998 Crash type: Stack-buffer-overflow WRITE Crash state: scgetresponse sctransmit sctransmitapdu...