Lucene search
K

119 matches found

Prion
Prion
added 2017/04/10 2:59 p.m.20 views

Buffer overflow

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

6.5CVSS9AI score0.06243EPSS
Exploits0References3Affected Software2
NVD
NVD
added 2017/04/10 2:59 p.m.28 views

CVE-2017-7617

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

8.8CVSS9.1AI score0.06243EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2017/04/10 2:59 p.m.28 views

CVE-2017-7617

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

8.8CVSS7.8AI score0.06243EPSS
Exploits0References4
OSV
OSV
added 2017/04/10 2:59 p.m.21 views

CVE-2017-7617

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

8.8CVSS7.7AI score
Exploits0References3
CVE
CVE
added 2017/04/10 2:0 p.m.94 views

CVE-2017-7617

CVE-2017-7617 affects Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1, and Certified Asterisk 13.13 before 13.13-cert3. The issue is a buffer overflow in the CDR user field (in Party A context for the CDR and related to X-ClientCode in chan_sip), enabling remote code execution. Im...

8.8CVSS8.9AI score0.06243EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2017/04/10 2:0 p.m.57 views

CVE-2017-7617

Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...

8.8CVSS8.9AI score0.06243EPSS
Exploits0
FreeBSD
FreeBSD
added 2017/03/27 12:0 a.m.10 views

asterisk -- Buffer overflow in CDR's set user

The Asterisk project reports: No size checking is done when setting the user field on a CDR. Thus, it is possible for someone to use an arbitrarily large string and write past the end of the user field storage buffer. This allows the possibility of remote code injection...

2.9AI score
Exploits0References2
NVD
NVD
added 2016/09/21 2:59 a.m.15 views

CVE-2016-6530

Dentsply Sirona formerly Schick CDR Dicom 5 and earlier has default passwords for the sa and cdr accounts, which allows remote attackers to obtain administrative access by leveraging knowledge of these passwords...

10CVSS9.5AI score0.03108EPSS
Exploits0References3
OSV
OSV
added 2016/09/21 2:59 a.m.4 views

CVE-2016-6530

Dentsply Sirona formerly Schick CDR Dicom 5 and earlier has default passwords for the sa and cdr accounts, which allows remote attackers to obtain administrative access by leveraging knowledge of these passwords...

9.8CVSS5.9AI score0.03108EPSS
Exploits0References3
CVE
CVE
added 2016/09/21 1:0 a.m.32 views

CVE-2016-6530

The CVE-2016-6530 issue affects Dentsply Sirona CDR DICOM 5 and earlier, where hard-coded/default credentials (sa and cdr) allow remote attackers to obtain administrative access to the CDR DICOM database. Root cause: default credentials present in installation/configuration. Impact: high, remote,...

10CVSS9.4AI score0.03108EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/09/21 1:0 a.m.21 views

CVE-2016-6530

Dentsply Sirona formerly Schick CDR Dicom 5 and earlier has default passwords for the sa and cdr accounts, which allows remote attackers to obtain administrative access by leveraging knowledge of these passwords...

9.6AI score0.03108EPSS
Exploits0References3
CERT
CERT
added 2016/09/06 12:0 a.m.29 views

Dentsply Sirona CDR DICOM contains multiple hard-coded credentials

Overview The Dentsply Sirona previously known as Shick Technologies CDR DICOM is software for managing medical dental records. CDR DICOM contains several hard-coded credentials allowing administrative or root access. Description CWE-798: Use of Hard-coded Credentials - CVE-2016-6530 Dentsply...

10CVSS9.9AI score0.03108EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2016/08/20 12:0 a.m.45 views

ZYCOO IP Phone System Remote Command Execution

Vulnerable hardware : ZYCOO IP phone system Vendor : zycoo.com Author : Ahmed sultan @0x4148 Email : [email protected] Summary : According to the vendor's site , CooVox Series IP Phone System is the most innovative solution for VoIP telecommunication in SMB Small and Medium-sized Business market...

0.5AI score
Exploits0
0day.today
0day.today
added 2016/08/19 12:0 a.m.33 views

ZYCOO IP Phone System - Remote Command Execution

Exploit for cgi platform in category web applications Vulnerable hardware : ZYCOO IP phone system Vendor : zycoo.com Author : Ahmed sultan @0x4148 Email : email protected Summary : According to the vendor's site , CooVox Series IP Phone System is the most innovative solution for VoIP...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/11/13 12:0 a.m.27 views

CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability

No description provided by source. CorelDRAW X7 CDR File CdrTxt.dll Off-By-One Stack Corruption Vulnerability Vendor: Corel Corporation Product web page: http://www.corel.com Affected version: 17.1.0.572 X7 - 32bit/64bit EN 15.0.0.486 X5 - 32bit EN Summary: CorelDRAW is one of the image-creating...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2014/11/12 12:0 a.m.31 views

CorelDRAW X7 CDR File - 'CdrTxt.dll' Off-by-One Stack Corruption

CorelDRAW X7 CDR File CdrTxt.dll Off-By-One Stack Corruption Vulnerability Vendor: Corel Corporation Product web page: http://www.corel.com Affected version: 17.1.0.572 X7 - 32bit/64bit EN 15.0.0.486 X5 - 32bit EN Summary: CorelDRAW is one of the image-creating programs in a suite of graphic arts...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2014/11/12 12:0 a.m.18 views

CorelDRAW X7 CDR File - CdrTxt.dll Off-by-One Stack Corruption

CorelDRAW X7 CDR File - CdrTxt.dll Off-by-One Stack Corruption CorelDRAW X7 CDR File CdrTxt.dll Off-By-One Stack Corruption Vulnerability Vendor: Corel Corporation Product web page: http://www.corel.com Affected version: 17.1.0.572 X7 - 32bit/64bit EN 15.0.0.486 X5 - 32bit EN Summary: CorelDRAW i...

7.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2014/11/12 12:0 a.m.35 views

CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability

Summary CorelDRAW is one of the image-creating programs in a suite of graphic arts software used by professional artists, educators, students, businesses and the general public. The CorelDRAW Graphics Suite X7, which includes CorelDRAW, is sold as stand-alone software and as a cloud-based...

6.2AI score
Exploits0
Prion
Prion
added 2014/04/29 10:37 a.m.14 views

Hardcoded credentials

The Call Detail Records CDR Management component in Cisco Unified Communications Manager Unified CM allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374...

4CVSS6.1AI score0.00947EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/04/29 10:0 a.m.23 views

CVE-2014-2185

The Call Detail Records CDR Management component in Cisco Unified Communications Manager Unified CM allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374...

5.7AI score0.00947EPSS
Exploits0References1
Rows per page
Query Builder