152 matches found
CVE-2017-10871
CVE-2017-10871 describes a buffer overflow in NTT DOCOMO Wi‑Fi STATION L-02F firmware (L02F-MDM9625-V10h-JUN-23-2017-DCM-JP and earlier). The vulnerability allows a remote attacker to execute arbitrary code by sending crafted packets; impact is described as potential full compromise of the device...
CVE-2016-9429
An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Buffer overflow in the formUpdateBuffer function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page...
CVE-2013-0288
nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer...
Wireshark Multiple Vulnerabilities (Mar 2011) - Mac OS X
Wireshark is prone to multiple vulnerabilities.
CVE-2011-0024
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file...
Mocha LPD 1.9 - Remote Buffer Overflow (Denial of Service) (PoC)
!/usr/bin/python Mocha LPD v1.9 Remote Heap Overflow Exploit ol skool 'write 4' whoops, I said it was a DoS. My bad. btw yes, I know its 2010 :0 CVE: 2010-1687 tested on XP sp1 use anti debugging to see it work - !hidedebug zwqueryinformationprocess call trace: ntdll.RtlAllocateHeap Called...
CVE-2009-2632
Buffer overflow in the SIEVE script component (sieve/script.c), as used in cyrus-imapd in Cyrus IMAP Server 2.2.13 and 2.3.14, and Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, allows local users to execute arbitrary code and read or modify arbitrary messages via a crafted SIEVE script, related to...
CVE-2009-1490
Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header...
Long hostnames in file: URLs can cause execution of arbitrary code
Exceptionally long host names in file: URLs can cause a buffer overflow, which may be exploited to execute arbitrary code. Remote Web pages cannot refer to file: URLs, so successful exploitation involves tricking users into manually opening the exploit URL, or a local file that refers to it...
CVE-2008-4555
Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t...
Gentoo Security Advisory GLSA 200603-12 (zoo)
The remote host is missing updates announced in advisory GLSA 200603-12.
CVE-2006-2492
Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 SP1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack...
CVE-2005-4807
Stack-based buffer overflow in the as_bad function in messages.c in the GNU as (gas) assembler in Free Software Foundation GNU Binutils before 20050721 allows attackers to execute arbitrary code via a .c file with crafted inline assembly code...
GLSA-200502-10 : pdftohtml: Vulnerabilities in included Xpdf
The remote host is affected by the vulnerability described in GLSA-200502-10 (pdftohtml: Vulnerabilities in included Xpdf). Xpdf is vulnerable to a buffer overflow, as described in GLSA 200501-28. Impact: An attacker could entice a user to convert a specially crafted PDF file, potentially resulting...
CVE-2004-0597
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3)...
DSA-594-1 apache - buffer overflows
Bulletin has no description...
zip: Path name buffer overflow
Background: zip is a compression and file packaging utility. Description: zip does not check the resulting path length when doing recursive folder compression. Impact: An attacker could exploit this by enticing another user or web application to create an archive including a specially-crafted path...
imlib -- BMP decoder heap buffer overflow
Marcus Meissner discovered that imlib's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. It is believed that this bug could be exploited for arbitrary code execution...
MPlayer: GUI filename handling overflow
Background: MPlayer is a media player capable of handling multiple multimedia file formats. Description: The MPlayer GUI code contains several buffer overflow vulnerabilities, and at least one in the TranslateFilename function is exploitable. Impact: By enticing a user to play a file with a carefull...
lcdproc lcdd 0.x4.x - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/10085/info LCDproc Server LCDd has been reported to be prone to multiple remote vulnerabilities. The first issue is reported to exist in the parse_all_client_messages function of parse.c, and is due to a lack of...