SUSE-SU-2022:1252-1 Security update for openjpeg2

This update for openjpeg2 fixes the following issues: - CVE-2018-5727: Fixed integer overflow vulnerability in theopjt1encodecblks function bsc1076314. - CVE-2018-5785: Fixed integer overflow caused by an out-of-bounds leftshift in the opjj2ksetupencoder function bsc1076967. - CVE-2018-6616: Fixe...

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition may affect IBM Content Collector for SAP Applications

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition that is used by IBM Content Collector for SAP Applications. These issues disclosed in the Oracle January 2021 Critical Patch Update. Vulnerability Details CVEID: CVE-2020-14803 DESCRIPTION: An unspecified vulnerabilit...

CVE-2019-18634

A flaw was found in the Sudo application when the ’pwfeedback' option is set to true on the sudoers file. An authenticated user can use this vulnerability to trigger a stack-based buffer overflow under certain conditions even without Sudo privileges. The buffer overflow may allow an attacker to...

Buffer overflow

An issue was discovered in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The faadresetbits function in libfaad/bits.c is affected by a buffer overflow vulnerability. The number of bits to be read is determined by ld-buffersize - words4, cast to uint32. If ld-buffersize - words4 is negative, a...

Advantech WebAccess GotoCmd参数处理栈缓冲区溢出漏洞

CVE ID:CVE-2014-0765 Advantech WebAccess HMI/SCADA是一款HMI/SCADA软件。 Advantech WebAccess处理GotoCmd参数时不正确过滤用户输入，允许远程攻击者利用漏洞提交特殊参数触发基于栈的缓冲区溢出，可使应用程序崩溃或执行任意代码。 0 Advantech WebAccess 7.1 Advantech WebAccess 7.2版本已修复该漏洞，建议用户下载使用： http://webaccess.advantech.com/...

No-IP Dynamic Update Client (DUC) 2.1.9 - Local IP Address Stack Overflow

!/usr/bin/env python Title: No-IP Dynamic Update Client DUC 2.1.9 local IPaddress stack overflow Author: Alberto Ortega @a0rtega [email protected] Date: May 11 2013 vulnerability discovered Background: No-IP is probably the most used Dynamic DNS provider worldwide, their Dynamic Update Client D...

DVD X Player 5.5.37 Pro / Standard Buffer Overflow Vulnerability

DVD X Player versions 5.5.37 Pro and Standard structured exception handler SEH buffer overflow exploit that pops calc.exe. !/usr/bin/env ruby Exploit Title:DVD X Player 5.5.3.7 Pro & Standard SEH Buffer Overflow Download link :http://www.aviosoft.com/dvd-player.html RST Author: metacom Date...

Avid Media Composer 5.5 - Avid Phonetic Indexer Stack Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Avid Media Compos...

Xitami Web Server 2.5 Buffer Overflow

Exploit Title: Xitami Web Server 2.5 Remote Buffer Overflow Egghunter Date: June 4, 2011 Author: Glafkos Charalambous Version: 2.5b4 Tested on: Windows XP SP3 En Discovered by: Krystian Kloskowski root@bt:/Desktop python xitami.py 192.168.0.24 80 + Connected + Sending payload... + Check Port 1337...

Audiotran 1.4.1 (PLS File) Stack Buffer Overflow

This module exploits a stack-based buffer overflow in Audiotran 1.4.1. An attacker must send the file to victim and the victim must open the file. Alternatively it may be possible to execute code remotely via an embedded PLS file within a browser, when the PLS extension is registered to Audiotran...

Creative Software AutoUpdate Engine ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in Creative Software AutoUpdate Engine. When sending an overly long string to the cachefolder property of CTSUEng.ocx an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

EasyMail MessagePrinter Object - emprint.dll 6.0.1.0 Remote Buffer Overflow

EasyMail MessagePrinter Object - emprint.dll 6.0.1.0 Remote Buffer Overflow pwnin'... //add su one, user: sun pass: tzu shellcode =...

EnjoySAP SAP GUI ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in SAP KWEdit ActiveX Control kwedit.dll 6400.1.1.41 provided by EnjoySAP GUI. By sending an overly long string to the "PrepareToPostHTML" method, an attacker may be able to execute arbitrary code. This module requires Metasploit:...