119 matches found
Buffer overflow
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...
CVE-2017-7617
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...
CVE-2017-7617
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...
CVE-2017-7617
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...
CVE-2017-7617
CVE-2017-7617 affects Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1, and Certified Asterisk 13.13 before 13.13-cert3. The issue is a buffer overflow in the CDR user field (in Party A context for the CDR and related to X-ClientCode in chan_sip), enabling remote code execution. Im...
CVE-2017-7617
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chansip, the CDR dialplan function, and the AMI Monitor action...
asterisk -- Buffer overflow in CDR's set user
The Asterisk project reports: No size checking is done when setting the user field on a CDR. Thus, it is possible for someone to use an arbitrarily large string and write past the end of the user field storage buffer. This allows the possibility of remote code injection...
CVE-2016-6530
Dentsply Sirona formerly Schick CDR Dicom 5 and earlier has default passwords for the sa and cdr accounts, which allows remote attackers to obtain administrative access by leveraging knowledge of these passwords...
CVE-2016-6530
Dentsply Sirona formerly Schick CDR Dicom 5 and earlier has default passwords for the sa and cdr accounts, which allows remote attackers to obtain administrative access by leveraging knowledge of these passwords...
CVE-2016-6530
The CVE-2016-6530 issue affects Dentsply Sirona CDR DICOM 5 and earlier, where hard-coded/default credentials (sa and cdr) allow remote attackers to obtain administrative access to the CDR DICOM database. Root cause: default credentials present in installation/configuration. Impact: high, remote,...
CVE-2016-6530
Dentsply Sirona formerly Schick CDR Dicom 5 and earlier has default passwords for the sa and cdr accounts, which allows remote attackers to obtain administrative access by leveraging knowledge of these passwords...
Dentsply Sirona CDR DICOM contains multiple hard-coded credentials
Overview The Dentsply Sirona previously known as Shick Technologies CDR DICOM is software for managing medical dental records. CDR DICOM contains several hard-coded credentials allowing administrative or root access. Description CWE-798: Use of Hard-coded Credentials - CVE-2016-6530 Dentsply...
ZYCOO IP Phone System Remote Command Execution
Vulnerable hardware : ZYCOO IP phone system Vendor : zycoo.com Author : Ahmed sultan @0x4148 Email : [email protected] Summary : According to the vendor's site , CooVox Series IP Phone System is the most innovative solution for VoIP telecommunication in SMB Small and Medium-sized Business market...
ZYCOO IP Phone System - Remote Command Execution
Exploit for cgi platform in category web applications Vulnerable hardware : ZYCOO IP phone system Vendor : zycoo.com Author : Ahmed sultan @0x4148 Email : email protected Summary : According to the vendor's site , CooVox Series IP Phone System is the most innovative solution for VoIP...
CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability
No description provided by source. CorelDRAW X7 CDR File CdrTxt.dll Off-By-One Stack Corruption Vulnerability Vendor: Corel Corporation Product web page: http://www.corel.com Affected version: 17.1.0.572 X7 - 32bit/64bit EN 15.0.0.486 X5 - 32bit EN Summary: CorelDRAW is one of the image-creating...
CorelDRAW X7 CDR File - 'CdrTxt.dll' Off-by-One Stack Corruption
CorelDRAW X7 CDR File CdrTxt.dll Off-By-One Stack Corruption Vulnerability Vendor: Corel Corporation Product web page: http://www.corel.com Affected version: 17.1.0.572 X7 - 32bit/64bit EN 15.0.0.486 X5 - 32bit EN Summary: CorelDRAW is one of the image-creating programs in a suite of graphic arts...
CorelDRAW X7 CDR File - CdrTxt.dll Off-by-One Stack Corruption
CorelDRAW X7 CDR File - CdrTxt.dll Off-by-One Stack Corruption CorelDRAW X7 CDR File CdrTxt.dll Off-By-One Stack Corruption Vulnerability Vendor: Corel Corporation Product web page: http://www.corel.com Affected version: 17.1.0.572 X7 - 32bit/64bit EN 15.0.0.486 X5 - 32bit EN Summary: CorelDRAW i...
CorelDRAW X7 CDR File (CdrTxt.dll) Off-By-One Stack Corruption Vulnerability
Summary CorelDRAW is one of the image-creating programs in a suite of graphic arts software used by professional artists, educators, students, businesses and the general public. The CorelDRAW Graphics Suite X7, which includes CorelDRAW, is sold as stand-alone software and as a cloud-based...
Hardcoded credentials
The Call Detail Records CDR Management component in Cisco Unified Communications Manager Unified CM allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374...
CVE-2014-2185
The Call Detail Records CDR Management component in Cisco Unified Communications Manager Unified CM allows remote authenticated users to obtain sensitive information by reading extraneous fields in an HTML document, aka Bug ID CSCun74374...