731 matches found
CVE-2019-10974
NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code...
CVE-2019-10974
NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The application fails to prevent an exception handler from being overwritten with arbitrary code...
CVE-2019-10974
CVE-2019-10974 affects EnergyPlus 8.6.0 and earlier. The vulnerability is a stack-based buffer overflow (CWE-121) where the application fails to prevent an exception handler from being overwritten with arbitrary code. Impact per sources includes potential arbitrary code execution or denial of ser...
CVE-2019-7232
The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler SEH address. An unauthenticated attacker can submit a Host header value of 2047 bytes or more to...
CVE-2019-7232
The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler SEH address. An unauthenticated attacker can submit a Host header value of 2047 bytes or more to...
Buffer overflow
The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler SEH address. An unauthenticated attacker can submit a Host header value of 2047 bytes or more to...
CVE-2019-7232
The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler SEH address. An unauthenticated attacker can submit a Host header value of 2047 bytes or more to...
CVE-2019-12895
In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d...
CVE-2019-12895
In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d...
Code injection
In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d...
CVE-2019-12895
CVE-2019-12895 affects Alternate Pic View 2.600. The vulnerability is described as a corruption of the Exception Handler Chain beginning at PicViewer!PerfgrapFinalize+0x00000000000b916d. Public references (NVD/Red Hat entries) repeat this description. No concrete exploit vectors, affected version...
CVE-2019-12895
In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted starting at PicViewer!PerfgrapFinalize+0x00000000000b916d...
Lavavo CD Ripper 4.20 - 'License Activation Name' Buffer Overflow (SEH)
Exploit Title: Lavavo CD Ripper 4.20 Local Seh Exploit Date: 25.04.2019 Vendor Homepage:https://www.lavavosoftware.com Software Link: https://lavavo-cd-ripper.jaleco.com/download Exploit Author: Achilles Tested Version: 4.20 Tested on: Windows XP SP3 EN Windows 7 Sp1 x64 1.- Run python code :...
CVE-2018-15815
FastStone Image Viewer 6.5 has an Exception Handler Chain Corrupted issue starting at image00400000+0x00000000003ef68a via a crafted image file...
CVE-2018-15815
FastStone Image Viewer 6.5 has an Exception Handler Chain Corrupted issue starting at image00400000+0x00000000003ef68a via a crafted image file...
Code injection
FastStone Image Viewer 6.5 has an Exception Handler Chain Corrupted issue starting at image00400000+0x00000000003ef68a via a crafted image file...
CVE-2018-15815
CVE-2018-15815 affects FastStone Image Viewer 6.5. The vulnerability is described as an Exception Handler Chain Corrupted issue triggered by a crafted image file, starting at image00400000+0x00000000003ef68a. Public references (NVD/NVD-derived and national/cert-type records) consistently report t...
CVE-2018-15815
FastStone Image Viewer 6.5 has an Exception Handler Chain Corrupted issue starting at image00400000+0x00000000003ef68a via a crafted image file...
Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value
Apple iOS - Kernel Stack Memory Disclosure due to Failure to Check copyin Return Value Here's a code snippet from sleh.c with the second level exception handler for undefined instruction exceptions: static void handleuncategorizedarmsavedstatet state, booleant instrLen2 exceptiontypet exception =...
Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Zahir Enterprise Plus 6 Stack Buffer Overflow", 'Description' = %q This module exploits a stack buffer overflow in Zahir Enterprise Plus version ...