379 matches found
CVE-2017-9700
CVE-2017-9700 affects Android-on-MSM variants (CAFs/Linux kernel-based Android builds) where a 64-character image name can trigger a buffer overwrite in fw_name_store. The vulnerability is rooted in image-name handling within the fw_name_store path, impacting Android for MSM, Firefox OS for MSM, ...
Important: file
Issue Overview: An issue in file allowed an attacker to overwrite a fixed 20-byte stack buffer with a specially crafted .notes section in an ELF binary. Affected Packages: file Issue Correction: Run yum update file or yum update --advisory ALAS-2017-900 to update your system. New Packages: i686:...
Stack overflow
An issue in file was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 Oct 2016 lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 Aug 2017...
CVE-2017-1000249
CVE-2017-1000249 affects the file utility: a stack-based overflow in the file() handling lets an attacker overwrite a fixed 20-byte stack buffer via a specially crafted .notes section in an ELF binary. The issue originates from a code path in file; multiple advisories (Fedora, Gentoo GLSA, Amazon...
CVE-2017-1000249
An issue in file was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 Oct 2016 lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 Aug 2017...
CVE-2017-1000249
An issue in file was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 Oct 2016 lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 Aug 2017...
UBUNTU-CVE-2017-9242
The ip6appenddata function in net/ipv6/ip6output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service system crash via crafted system calls...
Debian DLA-711-1 : curl security update
CVE-2016-8615 If cookie state is written into a cookie jar file that is later read back and used for subsequent requests, a malicious HTTP server can inject new cookies for arbitrary domains into said cookie jar. The issue pertains to the function that loads cookies into memory, which reads the...
PHP fpm_log.c Denial of Service Vulnerability
PHP is an open source general-purpose computer scripting language. A security vulnerability in PHP's fpmlog.c file allows remote attackers to conduct denial-of-service attacks by leaking memory information or overwriting buffers...
Putty pscp 0.66 - Stack Buffer Overwrite
Exploit for multiple platform in category dos / poc Source: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 Author: Date: Feb 20th, 2016 Name: putty Vendor: sgtatham - http://www.chiark.greenend.org.uk/sgtatham/putty/ Version: 0.59 3 9 years ago = affected = 0.66 Platforms: win/ni...
Putty pscp 0.66 - Stack Buffer Overwrite
Putty pscp 0.66 - Stack Buffer Overwrite Source: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 Author: Date: Feb 20th, 2016 Name: putty Vendor: sgtatham - http://www.chiark.greenend.org.uk/sgtatham/putty/ Version: 0.59 3 9 years ago = affected = 0.66 Platforms: win/nix Technolog...
Putty pscp 0.66 - Stack Buffer Overwrite
Source: https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563 Author: Date: Feb 20th, 2016 Name: putty Vendor: sgtatham - http://www.chiark.greenend.org.uk/sgtatham/putty/ Version: 0.59 3 9 years ago = affected = 0.66 Platforms: win/nix Technology: c Vuln Classes: stack buffer overwrite...
Internet Bug Bounty: putty pscp client-side post-auth stack buffer overwrite when processing remote file size
Not sure if this will qualify but it may impact a pretty broad audience given the fact that putty code is part of many other apps filezilla, ... and it is the defacto standalone ssh client for windows administrators besides openssh cygwin putty = 0.66; affects putty versions dating back 9 years...
PT-2017-3937
Name of the Vulnerable Software and Affected Versions libmspack versions prior to 0.7alpha Description The issue is related to the kwajd read headers function in libmspack, which can cause a one or two byte overwrite due to bad KWAJ file header extensions. This can lead to a buffer overflow in...
CVE-2007-3506
The ftbitmapassurebuffer function in src/base/ftbimap.c in FreeType 2.3.3 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors involving bitmap fonts, related to a "memory buffer overwrite bug."...
openSUSE Security Update : glibc (openSUSE-SU-2013:1510-1)
This update fixes the following issues in glibc : - CVE-2012-4412: glibc: buffer overflow in strcoll - CVE-2013-0242: glibc: DoS due to a buffer overrun in regexp matcher by processing multibyte characters - CVE-2013-1914: glibc: stack overflow in getaddrinfo sorting - CVE-2013-2207: glibc: ptcho...
CVE-2013-1324
Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document .wpd file, aka "Word Stack Buffer Overwrite Vulnerability."...
Fedora 19 : mod_fcgid-2.3.9-1.fc19 (2013-18638)
Current upstream maintenance release, including a security fix for a possible heap buffer overwrite issue CVE-2013-4365. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
Fedora 20 : mod_fcgid-2.3.9-1.fc20 (2013-18579)
Current upstream maintenance release, including a security fix for a possible heap buffer overwrite issue CVE-2013-4365. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...
Microsoft Excel 2007 SP2 Buffer Overwrite Exploit
No description provided by source. Abysssec Research 1 Advisory information Title : Microsoft Excel 2007 SP2 Buffer Overwrite Vulnerability Analysis : Abysssec.com Vendor : http://www.microsoft.com Impact : Critical Contact : info at abysssec.com Twitter : @abysssec Microsoft : A remote code...