DiskBoss Enterprise GET Buffer Overflow

This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskBoss Enterprise v7.5.12, v7.4.28, and v8.2.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This module has been tested successfully on...

MS15-001: Vulnerability in Windows Application Compatibility cache could allow elevation of privilege: January 13, 2015

MS15-001: Vulnerability in Windows Application Compatibility cache could allow elevation of privilege: January 13, 2015 Summary This security update resolves a privately reported vulnerability in Windows. The vulnerability could allow elevation of privilege if an attacker logs on to a system and...

CVE-2016-4291

When opening a Hangul HShow Document .hpt and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overflow. This result is then used to allocate memory to copy file data in. Due to the lack of bounds...

Integer overflow

When opening a Hangul HShow Document .hpt and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overflow. This result is then used to allocate memory to copy file data in. Due to the lack of bounds...

Out-of-bounds

When opening a Hangul Hcell Document .cell and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overlow can be made to occur in Hancom Office 2014. The vulnerability occurs when processing data for a formula used to render a chart via the...

CVE-2016-4291

When opening a Hangul HShow Document .hpt and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overflow. This result is then used to allocate memory to copy file data in. Due to the lack of bounds...

CVE-2016-4291

When opening a Hangul HShow Document .hpt and processing a structure within the document, Hancom Office 2014 will use a field from the structure in an operation that can cause the integer to overflow. This result is then used to allocate memory to copy file data in. Due to the lack of bounds...

CVE-2016-4295

When opening a Hangul Hcell Document .cell and processing a particular record within the Workbook stream, an index miscalculation leading to a heap overlow can be made to occur in Hancom Office 2014. The vulnerability occurs when processing data for a formula used to render a chart via the...

CVE-2016-4291

CVE-2016-4291 affects Hancom Hangul Office 2014 VP (Hangul HShow). A structure field in an HShow document (.hpt) can cause an integer overflow during a size calculation, leading to an undersized heap allocation. Subsequent reads write beyond the allocated buffer, enabling code execution in the Ha...

ImageMagick Stack Buffer Overflow Vulnerability

ImageMagick is a free software for creating, editing, and compositing images.The use of most of ImageMagick's features comes from the command line tools. ImageMagick suffers from a stack buffer overflow vulnerability that stems from a failure to perform adequate boundary checking when copying use...

Updated kernel and kmod packages fix security vulnerabilities

This update is based on upstream 4.4.39 and fixes at least the following security issues: Due to lack of size checking on ICMP header length, it is possible to cause out-of-bounds read on stack CVE-2016-8399 A use-after-free vulnerability in the SCSI generic driver allows users with write access ...

Info-ZIP UnZip Buffer Overflow Vulnerability

Info-ZIP UnZip is an American software developer Greg Roelofs developed a set of Unix-based platform for the ".zip" file format for decompression tools. A buffer overflow vulnerability exists in Info-ZIP UnZip, where the program fails to perform sufficient bounds checking on user-submitted data,...

cURL/libcURL Buffer Overflow Vulnerability

Haxx curl and libcurl are both products of the Swedish company Haxx. curl is a set of file transfer tools that utilize URL syntax to work at the command line. libcurl is a free, open source client-side URL transfer library. A buffer overflow vulnerability exists in Haxx curl and libcurl versions...

Joyent SmartOS Integer Overflow Vulnerability

Joyent SmartOS is a set of open source operating system from Joyent, Inc. in the United States. Joyent SmartOS suffers from an integer overflow vulnerability due to the program failing to properly bounds-check user-supplied data before copying it to an undersized buffer. An attacker could exploit...

openSUSE Security Update : the Linux Kernel (openSUSE-2016-1426)

The openSUSE Leap 42.2 kernel was updated to 4.4.36 to receive various security and bugfixes. The following security bugs were fixed : - CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended...

[SECURITY] Fedora 25 Update: roundcubemail-1.2.3-1.fc25

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

SUSE-SU-2016:3063-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 kernel was updated to receive critical security fixes. The following security bugs were fixed: - CVE-2016-8655: A race condition in the afpacket packetsetring function could be used by local attackers to crash the kernel or gain privileges bsc1012754. - CVE-2016-8632:...

FreeBSD / Apple libc link_ntoa() buffer overflow Exploit

Exploit for multiple platform in category remote exploits Improper bounds checking of the obuf variable in the linkntoa function in linkaddr.c may allow an attacker to read or write from memory. The routine linkaddr interprets character strings representing link-level addresses, returning binary...

Memcached process_bin_sasl_auth Integer Underflow (CVE-2016-8706)

An integer underflow vulnerability exists in the Memcached binary protocol. This vulnerability is due to a lack of bounds checking in the processbinsaslauth function. A remote unauthenticated attacker can exploit these vulnerabilities by sending a specially crafted packet to memcached that can le...

Memcached process_bin_append_prepend Integer Overflow (CVE-2016-8704)

An integer overflow vulnerability exists in memcached. This vulnerability is due to a lack of bounds checking in the processbinappendprepend function while processing commands that append or prepend data to existing key-value pairs. A remote unauthenticated attacker can exploit these...