Adobe Flash Player <= 18.0.0.232 Multiple Vulnerabilities (APSB15-23)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 18.0.0.232. It is, therefore, affected by multiple vulnerabilities : - An unspecified stack corruption issue exists that allows a remote attacker to execute arbitrary code. CVE-2015-5567,...

OS X Regex Engine (TRE) - Stack Buffer Overflow Vulnerability

Exploit for macOS platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=428 OS X Libc uses the slightly obscure TRE regex engine http://laurikari.net/tre/ If used in enhanced mode by passing the REGENHANCED flag to regcomp TRE supports...

Apple Mac OSX Regex Engine (TRE) - Stack Buffer Overflow (PoC)

Apple Mac OSX Regex Engine TRE - Stack Buffer Overflow PoC Source: https://code.google.com/p/google-security-research/issues/detail?id=428 OS X Libc uses the slightly obscure TRE regex engine http://laurikari.net/tre/ If used in enhanced mode by passing the REGENHANCED flag to regcomp TRE support...

Kaspersky AntiVirus - CHM Parsing Stack Buffer Overflow

Kaspersky AntiVirus - CHM Parsing Stack Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=524 Fuzzing CHM files with Kaspersky Antivirus produced the attached crash. 83c.fec: Access violation - code c0000005 first chance First chance exceptions are report...

Kaspersky AntiVirus - CHM Parsing Stack Buffer Overflow

Source: https://code.google.com/p/google-security-research/issues/detail?id=524 Fuzzing CHM files with Kaspersky Antivirus produced the attached crash. 83c.fec: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This exception may be...

Apple Mac OSX Regex Engine (TRE) - Stack Buffer Overflow (PoC)

Source: https://code.google.com/p/google-security-research/issues/detail?id=428 OS X Libc uses the slightly obscure TRE regex engine http://laurikari.net/tre/ If used in enhanced mode by passing the REGENHANCED flag to regcomp TRE supports arbitrary-width hex literals. Here is the code used to...

IBM HTTP Server Administration Server Stack Buffer Overflow Vulnerability

IBM WebSphere Application Server WAS is an application server product from IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform.IBM HTTP Server is a freeware product that comes with the IBM WAS product. IBM HTTP...

Yokogawa Multiple Product Stack Buffer Overflow Vulnerability

Yokogawa Japan Yokogawa Electric Corporation is a leader in measurement, industrial automation control, and information systems. A stack buffer overflow vulnerability exists in multiple Yokogawa products, which can be exploited by an attacker to cause network communications to be unresponsive by...

IKEView.exe R60 - Stack Buffer Overflow (PoC)

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-IKEVIEWR60-0914.txt Vendor: ================================ www.checkpoint.com http://pingtool.org/downloads/IKEView.exe Product: ==================================================...

Amazon Linux: Security Advisory (ALAS-2015-492)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moxa SoftCMS RTSPVIDEO.rtspvideoCtrl.1 AudioRecord Method ip Argument Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioRecord...

Amazon Linux: Security Advisory (ALAS-2015-503)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

(0Day) ASUS TM-AC1900 httpd Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ASUS TM-1900. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP header parsing routine. The issue lies in the failure to check the size of...

(0Day) Borland AccuRev Reprise License Server service_setup_doit Command Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the servicestartupdoit functionality of the Reprise License Manager service. The issue...

(0Day) Borland AccuRev Reprise License Server activate_doit Command akey Parameter Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to cause a stack buffer overflow in the Reprise License Management service on installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the activatedoit function of the service. The...

Mpxplay MultiMedia Commander 2.00a - .m3u Stack Buffer Overflow (PoC)

Mpxplay MultiMedia Commander 2.00a - .m3u Stack Buffer Overflow PoC Exploit Title: Mpxplay Multimedia Commander Stack-based BOF Date: 9/1/2015 Exploit Author: UnN0n Software Link: http://sourceforge.net/p/mpxplay/activity?source=projectactivity Version: V2.00a Tested on: Windows 7 x8632 BIT Steps...

Hewlett-Packard LoadRunner Controller Scenario File Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability could allow attackers to execute arbitrary code on vulnerable installations of HP LoadRunner. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

NetIQ Security Solutions for ISeries SafeShellExecute Stack Buffer Overflow (CVE-2015-0795)

A vulnerability has been reported in NetIQ Security Solutions for ISeries. The vulnerability is due to a stack buffer overflow in the NetIQExecObject.NetIQExec ActiveX Control when processing parameters to the SafeShellExecute function. A remote attacker can exploit this vulnerability by enticing...

Xion Audio Player 1.5 build 155 - Stack Buffer Overflow

Exploit Title: Xion Audio Player build 155 Stack Based BOF. Date: 8/19/2015 Exploit Author: UnN0n Software Vendor : http://www.xionplayer.com Software Link: http://www.xionplayer.com/page/download Version: 1.5 Build 155 Tested on: Windows 7 x8632 BIT Steps to Produce the Crash: 1- open 'Xion.exe'...

Microsoft Office 2007 - Malformed Document Stack Buffer Overflow

Source: https://code.google.com/p/google-security-research/issues/detail?id=170&can=1 The following access violation was observed in Microsoft Office 2007 Word document: e24.e28: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...