CVE-2017-9949

The grubmemmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service stack-based buffer underflow and application crash or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GN...

CVE-2017-9949

The grubmemmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service stack-based buffer underflow and application crash or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GN...

CVE-2017-9949

The grubmemmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service stack-based buffer underflow and application crash or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GN...

CVE-2017-9949

CVE-2017-9949 affects radare2 1.5.0, where the function grub_memmove in shlr/grub/kern/misc.c can be triggered by a crafted binary file, leading to a stack-based buffer underflow and application crash (denial of service), with potential unspecified impact. Some sources also reference a related bu...

CVE-2017-9949

The grubmemmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service stack-based buffer underflow and application crash or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GN...

CVE-2017-9203

imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service buffer underflow via a crafted image, related to imagew-bmp.c...

Buffer overflow

imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service buffer underflow via a crafted image, related to imagew-bmp.c...

CVE-2017-9203

imagew-main.c:960:12 in libimageworsener.a in ImageWorsener 1.3.1 allows remote attackers to cause a denial of service buffer underflow via a crafted image, related to imagew-bmp.c...

CVE-2017-9203

CVE-2017-9203 affects ImageWorsener 1.3.1 in libimageworsener.a. The issue is triggered by crafted BMP/images, with the fault located at imagew-main.c:960:12 (related to imagew-bmp.c), causing a denial of service via a buffer underflow. Multiple connected records confirm the same description acro...

CVE-2015-6674

Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836...

Buffer overflow

Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836...

DEBIAN-CVE-2015-6674

Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836...

CVE-2015-6674

Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836...

UBUNTU-CVE-2015-6674

Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836...

CVE-2015-6674

Summary: CVE-2015-6674 is a buffer underflow in the Debian inspircd package for wheezy and jessie/sid. The issue is tied to an incomplete fix of CVE-2012-1836 and is described as an additional issue, affecting inspircd before 2.0.5-1+deb7u1 (wheezy) and before 2.0.16-1 (jessie/sid). The connected...

CVE-2015-6674

Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and before 2.0.16-1 for jessie and sid. NOTE: This issue exists as an additional issue from an incomplete fix of CVE-2012-1836...

flash-plugin: multiple code execution issues fixed in APSB17-07

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution...

Buffer overflow

Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable buffer overflow / underflow vulnerability in the Primetime TVSDK that supports customizing ad information. Successful exploitation could lead to arbitrary code execution...

Ruby: sprintf combined format string attack

In a ticket that was also reported to "shopify-scripts" regarding "MRuby", I reported in details a combined attack against the sprintf gem: Information leak Heap buffer underflow The full ticket details can be found in: Ticket 212239 The ticked was opened several minutes ago but I add it in case ...

shopify-scripts: sprintf gem - format string combined attack

In the sprintf gem, NOT included in mruby-engine, there are severe vulnerabilities, including information leak, and heap buffer overflow. Here are the technical details. Technical Error 1: ============== The CHECKl macro can sometimes receive negative values, that will bypass the size checks, sin...