SUSE CVE-2016-8687

Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename...

SUSE CVE-2020-24999

There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other impact...

Format string

A Format String vulnerablity exists in TRENDnet TEW-755AP 1.11B03, TEW-755AP2KAC 1.11B03, TEW-821DAP2KAC 1.11B03, and TEW-825DAP 1.11B03, which could let a remote malicious user cause a denial of service due to a logic bug at address 0x40dcd0 when calling fprintf with "%s: key len = %d, too long\...

CVE-2020-24999

There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other impact...

Design/Logic Flaw

There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other impact...

UBUNTU-CVE-2020-24999

There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other impact...

CVE-2020-24999

CVE-2020-24999 affects Xpdf 4.0.2: an invalid memory access occurs in fprintf in Error.cc. A crafted PDF sent to the pdftohtml binary can trigger a Denial of Service (segmentation fault) and potentially other impact. Multiple external sources in the connected data reiterate this vulnerability, wi...

CVE-2020-24999

There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2. It can be triggered by sending a crafted PDF file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other impact...

Linux/ARM - execve (/bin/sh,NULL,0) Shellcode (31 bytes)

/ Title: Linux/ARM - execve"/bin/sh",NULL,0 - 31 bytes Date: 2010-08-31 Tested: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @jonathansalwan shell-storm.org Shellcode ARM without 0x20, 0x0a and 0x00 00008054 : 8054: e28f3001 add r3, pc, 1 ; 0x1 8058: e12fff13 bx r3 805c: 4678 mov r0, p...

UBUNTU-CVE-2016-8687

Stack-based buffer overflow in the safefprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename...

Linux/SuperH - sh4 - setuid(0) ; execve("/bin/sh", NULL, NULL) - 27 bytes

No description provided by source. / Linux/SuperH - sh4 - setuid0 ; execve/bin/sh, NULL, NULL - 27 bytes Tested on debian-sh4 2.6.32-5-sh7751r by Jonathan Salwan - twitter: @jonathansalwan 400054: 17 e3 mov 23,r3 400056: 4a 24 xor r4,r4 400058: 0b c3 trapa 11 40005a: 3a 23 xor r3,r3 40005c: 0b e3...

Ehud Gavron TrACESroute 6.1.1 Terminator Function Format String

No description provided by source. source: http://www.securityfocus.com/bid/4956/info A format string vulnerability exists in TrACESroute. The problem exists in the terminator -T function of the program. Due to improper use of the fprintf function, an attacker may be able to supply a malicious...

Linux/ARM - execve("/bin/sh", [0], [0 vars]) - 27 bytes

No description provided by source. / Title: Linux/ARM - execve/bin/sh, 0, 0 vars - 27 bytes Date: 2010-08-31 Tested on: ARM926EJ-S rev 5 v5l Author: Jonathan Salwan - twitter: @jonathansalwan shell-storm.org Shellcode ARM with not a 0x20, 0x0a and 0x00 Disassembly of section .text: 00008054 start...

Courier-IMAP <= 3.0.2-r1 auth_debug() Remote Format String Exploit

No description provided by source. / courier-imap = 3.0.2-r1 Remote Format String Vulnerability exploit Author: ktha at hush dot com Tested on FreeBSD 4.10-RELEASE with courier-imap-3.0.2 Special thanks goes to andrewg for providing the FreeBSD box. Greetings: all the guys from irc pulltheplug co...

openSUSE Security Update : glibc (openSUSE-SU-2013:1510-1)

This update fixes the following issues in glibc : - CVE-2012-4412: glibc: buffer overflow in strcoll - CVE-2013-0242: glibc: DoS due to a buffer overrun in regexp matcher by processing multibyte characters - CVE-2013-1914: glibc: stack overflow in getaddrinfo sorting - CVE-2013-2207: glibc: ptcho...

Linksys WRT120N 'fprintf()'函数远程栈缓冲区溢出漏洞

BUGTRAQ ID: 65860 WRT120N是无线家庭路由器产品。 Linksys WRT120N（固件版本1.0.07）在函数 "fprintf"的实现上存在边界错误，可导致栈缓冲区溢出，任意代码执行。 0 Linksys WRT120N 1.0.07 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.linksys.com...

CVE-2012-2114

Stack-based buffer overflow in fprintf in musl before 0.8.8 and earlier allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a long string to an unbuffered stream such as stderr...

Stack overflow

Stack-based buffer overflow in fprintf in musl before 0.8.8 and earlier allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a long string to an unbuffered stream such as stderr...

CVE-2012-2114

CVE-2012-2114: A stack-based overflow in musl’s fprintf (before 0.8.8) can be triggered by a long string to an unbuffered stream (e.g., stderr), allowing a crash or possibly arbitrary code execution. Affected: musl libc versions before 0.8.8. Mitigation: upgrade to 0.8.8 or later; apply official ...

bcksrvr format string in Sybase Adaptive Server 15.5

Luigi Auriemma Application: Sybase Adaptive Server http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise Versions: = 15.5 Platforms: Solaris, Windows, Linux, AIX, HP Bug: format string in bcksrvr Exploitation: remote, versus server Date: 27 Jun 2011 found 28 Oct 2010 Author:...