2 matches found
Circle with Disney Apid Use-Between-Reallocs Information Disclosure Vulnerability(CVE-2017-12083)
Summary An exploitable information disclosure vulnerability exists in the apid daemon of the Circle with Disney running firmware 2.0.1. A specially crafted set of packets can make the Disney Circle dump strings from an internal database into an HTTP response. An attacker needs network connectivit...
CVE-2017-12083
CVE-2017-12083 affects the Circle with Disney apid daemon (firmware 2.0.1). A crafted HTTP request triggers a use-after-free via unsafe handling of HTTP header pointers and realloc-based growth of request buffers, enabling information disclosure from the internal database. The vulnerability hinge...