Rockwell Automation Logix Controller Stack Buffer Overflow (CVE-2016-9343)

A stack buffer overflow vulnerability exists in Rockwell Automation Logix Controllers. The vulnerability is due to insufficient bounds checking. A successful exploitation could lead to arbitrary code execution...

RHEL 7 : firefox (RHSA-2017:1106)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2017:1106 advisory. Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.1.0 ESR. Security Fixes: Multiple flaws were found...

shopify-scripts: mirb only: stack-buffer-overflow (OOB write) in main()

Triggered in 7e28510 7 April 2017 with mirb only. cat test013.rb | mirb ==17976==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fffeb477fb0 at pc 0x408c21 bp 0x7fffeb477a90 sp 0x7fffeb477a88 WRITE of size 1 at 0x7fffeb477fb0 thread T0 0 0x408c20 in main...

dlplibs: Stack-buffer-overflow in StarWriterStruct::DatabaseName::read

Detailed report: https://oss-fuzz.com/testcase?key=5177092629069824 Project: dlplibs Fuzzer: libFuzzerdlplibssdwfuzzer Fuzz target binary: sdwfuzzer Job Type: libfuzzerasandlplibs Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0x7f3a03d7f378 Crash State:...

Even the WiFi can also be black? iOS 10.3 to the presence of high-risk vulnerabilities, please everyone rushed to upgrade! - Vulnerability warning-the black bar safety net

iOS 10.3 update soon, Apple launched iOS 10.3.1, according to Apple provides the iOS version, the iOS 10.3 official version of the total repair more than one hundred security vulnerabilities, and to achieve a certain extent of safety improvement. And in the version released after less than a week...

CommVault Edge 11 SP6 - Stack Buffer Overflow (PoC) Exploit

Exploit for windows platform in category dos / poc import socket import binascii import time import struct s = socket.socketsocket.AFINET, socket.SOCKSTREAM s.settimeout1 s.connect"10.101.0.85", 8400 def srp=None, r=None: if p: print "sending %d bytes: %s " % lenp/2,p payl = binascii.a2bhexp...

Stack overflow

On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r FT authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element FT-IE...

Stack overflow

Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE I...

CVE-2017-6975

Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE I...

CVE-2017-6956

On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r FT authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element FT-IE...

CVE-2017-6956

The CVE-2017-6956 entry concerns the Broadcom Wi‑Fi HardMAC SoC with fbt firmware. The issue is a stack buffer overflow in the FT (802.11r) authentication response handling, exploitable via a crafted AP that sends a long R0KH-ID in the FT‑IE, leading to remote code execution. Affected component i...

Broadcom: Stack buffer overflow when handling 802.11r (FT) authentication response (CVE-2017-6975)

Detailed analysis of reference : the https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi4.html the first part https://googleprojectzero.blogspot.tw/2017/04/over-air-exploiting-broadcoms-wi-fi11.html Part II Broadcom produces the Wi-Fi HardMAC SoCs which are used to...

Apple iOS stack buffer overflow was addressed through improved input validation (CVE-2017-6975)

iOS 10.3.1 is now available and addresses the following: Wi-Fi Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A stack buffer overflo...

openSUSE Security Update : virglrenderer (openSUSE-2017-415)

This update for virglrenderer fixes the following issues : Security issues fixed : - CVE-2017-6386: memory leakage while in vrendcreatevertexelementsstate bsc1027376 - CVE-2017-6355: integer overflow while creating shader object bsc1027108 - CVE-2017-6317: fix memory leak in add shader program...

3S-Smart Software Solutions GmbH CODESYS Web Server

CVSS v3 9.8 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Web Server Vulnerabilities: Arbitrary File Upload, Stack Buffer Overflow AFFECTED PRODUCTS The following versions of CODESYS Web Server, part of the CODESYS WebVisu...

Broadcom: Stack buffer overflow when parsing CCKM reassociation response(CVE-2017-6957)

Broadcom produces Wi-Fi HardMAC SoCs which are used to handle the PHY and MAC layer processing. These chips are present in both mobile devices and Wi-Fi routers, and are capable of handling many Wi-Fi related events without delegating to the host OS. In order to allow fast roaming between access...

Immunity Canvas: IIS6_PROPFIND

Name| iis6propfind ---|--- CVE| CVE-2017-7269 Exploit Pack| CANVAS Description| IIS 6.0 PROPFIND ScStoragePathFromUrl Stack Buffer Overflow Notes| References: 'https://vulners.com/cve/CVE-2017-7269', 'https://github.com/edwardz246003/IISexploit' CVE Name: CVE-2017-7269 VENDOR: Microsoft...

Fatek Automation PLC Ethernet Module Stack Buffer Overflow Vulnerability

Fatek Automation PLC is a controller developed by Fatek Automation. A stack-based buffer overflow vulnerability exists in the Fatek Automation PLC Ethernet Module. A remote attacker could use this vulnerability to execute arbitrary code in the context of the affected application, which could also...

Stack overflow

Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G AL3G version 2.23m Rev. 3, Air:Link 5000AC AL5000AC version 1.13, and Air:Link 59300 AL59300 version 1.04 Rev. 4 devices allow remote attackers to execute arbitrary code or crash the web service via the 1...

CVE-2016-10273

Multiple stack buffer overflow vulnerabilities in Jensen of Scandinavia AS Air:Link 3G AL3G version 2.23m Rev. 3, Air:Link 5000AC AL5000AC version 1.13, and Air:Link 59300 AL59300 version 1.04 Rev. 4 devices allow remote attackers to execute arbitrary code or crash the web service via the 1...