2514 matches found
Internet Bug Bounty: Interger overflow in eval trigger write out of bound
Hi security team, i reported some samples triggered crash in eval funtion in perl. The bug come because variable start and items used type I32 which takes half the range of linet and folds it into negative numbers, leading to trying to store the lines at negative indexes...
Microsoft Edge Chakra Parser::ParseCatch Failed eval Handle
Microsoft Edge: Chakra: Parser::ParseCatch doesn't handle "eval" CVE-2017-11764 In Javascript, the code executed by a direct call to eval shares the caller block's scopes. Chakra handles this from the parser. And there's a bug when it parses "eval" in a catch statement's param. ParseNodePtr...
Microsoft Edge Chakra - Parser::ParseCatch Does Not Handle eval() (Denial of Service)
Microsoft Edge Chakra - Parser::ParseCatch Does Not Handle eval Denial of Service PnodeBlockType::Regular, isPattern ? ScopeTypeCatchParamPattern : ScopeTypeCatch; ... ParseNodePtr pnodePattern = ParseDestructuredLiteraltkLET, true /isDecl/, true /topLevel/, DICForceErrorOnInitializer; ... 1...
Multiple Plugins - Unauthenticated RCE via PHPUnit
There was an Unauthenticated Remote Code Execution RCE vulnerability in PHPUnit, a widely used testing framework for PHP. This vulnerability has been seen exploited in the wild. curl -X POST --data ""...
Microsoft Edge Chakra chakra!Js::GlobalObject Integer Overflow
= 0; AnalysisAssertscriptContext; if scriptContext-GetThreadContext-EvalDisabled throw Js::EvalDisabledException; ifdef PROFILEEXEC scriptContext-ProfileBeginJs::EvalCompilePhase; endif void frameAddr = nullptr; GETCURRENTFRAMEIDframeAddr; HRESULT hr = SOK; HRESULT hrParser = SOK; HRESULT hrCodeG...
CVE-2017-12963
There is an illegal address access in Sass::Eval::operator in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. NOTE: this is similar to CVE-2017-11555 but remains exploitable after the vendor's CVE-2017-11555 fix available from GitHub after 2017-07-24...
CVE-2017-12963
There is an illegal address access in Sass::Eval::operator in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. NOTE: this is similar to CVE-2017-11555 but remains exploitable after the vendor's CVE-2017-11555 fix available from GitHub after 2017-07-24...
CVE-2017-12964
There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator in eval.cpp. It will lead to a remote denial of service attack...
UBUNTU-CVE-2017-12963
There is an illegal address access in Sass::Eval::operator in eval.cpp of LibSass 3.4.5, leading to a remote denial of service attack. NOTE: this is similar to CVE-2017-11555 but remains exploitable after the vendor's CVE-2017-11555 fix available from GitHub after 2017-07-24...
CVE-2017-9802
The Javascript method Sling.evalString in Apache Sling Servlets Post before 2.3.22 uses the javascript 'eval' function to parse input strings, which allows for XSS attacks by passing specially crafted input strings...
Microsoft Chakra eval Integer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
CVE-2017-11585
dayrui FineCms 5.0.9 has remote PHP code execution via the param parameter in an action=cache request to libraries/Template.php, aka Eval Injection...
CVE-2017-11585
dayrui FineCms 5.0.9 has remote PHP code execution via the param parameter in an action=cache request to libraries/Template.php, aka Eval Injection...
CVE-2017-11585
CVE-2017-11585 affects dayrui FineCMS 5.0.9 with remote PHP code execution through the param parameter in an action=cache request to libraries/Template.php, described as Eval Injection. The vulnerability allows an attacker to inject and execute arbitrary PHP code on the server. Exploitation and e...
CVE-2017-11555
There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
DEBIAN-CVE-2017-11555
There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
CVE-2017-11555
There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
UBUNTU-CVE-2017-11555
There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
CVE-2017-11555
CVE-2017-11555 refers to an illegal address access in LibSass 3.4.5, specifically in Sass::Eval::operator() (eval.cpp). A crafted input can cause a remote denial of service. Connected sources indicate this family of DoS issues is addressed in later vendor advisories (e.g., openSUSE-2017-1250) whi...
CVE-2017-11555
There is an illegal address access in the Eval::operator function in eval.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service...