CVE-2017-9106

An issue was discovered in adns before 1.5.2. adnsrrinfo mishandles a bogus datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun depending on the sizes of the types on...

DEBIAN-CVE-2017-9107

An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with , and adnsqfquoteokquery was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart...

Design/Logic Flaw

An issue was discovered in adns before 1.5.2. adnsrrinfo mishandles a bogus datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun depending on the sizes of the types on...

CVE-2017-9107

An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with , and adnsqfquoteokquery was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart...

Design/Logic Flaw

An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with , and adnsqfquoteokquery was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart...

UBUNTU-CVE-2017-9107

An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with , and adnsqfquoteokquery was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart...

CVE-2017-9106

An issue was discovered in adns before 1.5.2. adnsrrinfo mishandles a bogus datap. The general pattern for formatting integers is to sprintf into a fixed-size buffer. This is correct if the input is in the right range; if it isn't, the buffer may be overrun depending on the sizes of the types on...

CVE-2017-9107

An issue was discovered in adns before 1.5.2. It overruns reading a buffer if a domain ends with backslash. If the query domain ended with , and adnsqfquoteokquery was specified, qdparselabel would read additional bytes from the buffer and try to treat them as the escape sequence. It would depart...

The vulnerability of the Analytics, Visibility, and Reporting services of the NGINX Controller monitoring and management application platform allows a hacker to execute arbitrary code.

The vulnerability of the Analytics, Visibility, and Reporting services of the NGINX Controller monitoring and management platform is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to writing data beyond the buffer in memory, allowing attackers to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to data writing beyond the buffer limits in memory. Exploiting this vulnerability can...

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to an operation that goes beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerabili...

PT-2020-8501 · Adns +2 · Adns +2

Name of the Vulnerable Software and Affected Versions: adns versions prior to 1.5.2 Description: An issue in pap mailbox822 does not properly check st from adns findlabel next, potentially allowing an attacker to crash the program, leak memory contents, allocate excessive memory, or overrun a...

PT-2020-8505 · Adns +2 · Adns +2

Name of the Vulnerable Software and Affected Versions: adns versions prior to 1.5.2 Description: An issue was discovered in adns where it overruns reading a buffer if a domain ends with a backslash. If the query domain ended with a backslash and adns qf quoteok query was specified, qdparselabel...

The vulnerability of the Adobe Bridge file manager, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Bridge file manager is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted request...

libjpeg-turbo -- Issue in the PPM reader causing a buffer overrun in cjpeg, TJBench, or the tjLoadImage() function.

libjpeg-turbo releases reports: This release fixes the following security issue: Heap-based buffer over-read in getrgbrow in rdppm.c via a malformed PPM input file...

The vulnerability of the WritePNMImage function (coders/pnm.c) in the console-based image editing tool ImageMagick allows a hacker to trigger a service failure and expose sensitive information.

The vulnerability of the WritePNMImage function in the console-based image editing tool ImageMagick is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures and expose sensitive informati...

The vulnerability of the Proxy-Authentication component of the Squid proxy server allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the Proxy-Authentication component of the Squid proxy server is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause service failures or execute arbitrary code...

The vulnerability of the ChakraCore JavaScript script handler, related to the execution of operations beyond the buffer boundaries in memory, allows attackers to execute arbitrary code.

The vulnerability of the ChakraCore JavaScript script handler is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Vulnerabilities of operating systems such as iOS, tvOS, macOS, watchOS, the browser Safari, the multimedia player iTunes for Windows operating systems, and the iCloud service for Windows operating systems, related to the execution of operations beyond the buffer in memory, allowing attackers to execute arbitrary code.

Vulnerabilities of operating systems such as iOS, tvOS, macOS, watchOS, the browser Safari, the multimedia player iTunes for operating systems Windows, and the iCloud service for operating systems Windows are related to the execution of operations outside of the buffer in memory. Exploitation of...

The vulnerability of the GAS frame processing function in the 802.11 protocol of Cisco Wireless LAN Controllers allows a attacker to induce a service failure.

The vulnerability of the Generic Advertising Service GAS frame processing function in Cisco Wireless LAN Controllers based on the 802.11 protocol is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure ...