CVE-2017-2441

CVE-2017-2441 involves a use-after-free in the libc++abi demangling path across Apple products (iOS before 10.3, macOS before 10.12.4, tvOS before 10.2, watchOS before 3.2). A remote attacker could execute arbitrary code by presenting a crafted C++ application. Public sources link this to Apple s...

CVE-2017-2441

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "libc++abi" component. A use-after-free vulnerability allows remote attackers to execute arbitrary...

Linux XFBurn Stack-based Buffer Overflow Vulnerability

Exploit for linux platform in category dos / poc Exploit Title: Linux XFBurn Stack-based Buffer Overflow Type: CWE-121 Exploit Author: Hosein Askari FarazPajohan Vendor HomePage: http://goodies.xfce.org/projects/applications/xfburn Version : 0.5.4 Tested on: Ubuntu 17.04 Date: 24-03-2017 Category...

CVE-2016-2225

The readetchostsr function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service infinite loop via a crafted packet...

CVE-2016-2225

CVE-2016-2225 affects uClibc-ng (libc/inet/resolv.c) prior to 1.0.12, where the __read_etc_hosts_r function can be triggered by a crafted DNS packet from a remote server, causing a denial of service (infinite loop). Public data identifies this as a network-affecting vulnerability with CVSS v3.0 b...

Google Android - Inter-process munmap in android.util.MemoryIntArray Vulnerability

Exploit for Android platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1001 The MemoryIntArray class allows processes to share an in-memory array of integers by transferring an ashmem file descriptor. As the class implements the Parcelable interface, ...

Integer overflow

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggers an out-of-bounds write...

CVE-2016-8859

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggers an out-of-bounds write...

DEBIAN-CVE-2016-8859

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggers an out-of-bounds write...

CVE-2016-8859

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggers an out-of-bounds write...

CVE-2016-8859

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggers an out-of-bounds write...

UBUNTU-CVE-2016-8859

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggers an out-of-bounds write...

ALPINE-CVE-2016-8859

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggers an out-of-bounds write...

CVE-2016-8859

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggers an out-of-bounds write...

CVE-2016-8859

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggers an out-of-bounds write...

CVE-2016-8859

CVE-2016-8859 affects TRE and musl libc. The TRE library experienced multiple integer overflows in its regex/memory-handling paths, enabling memory corruption and an out-of-bounds write when processing large numbers of states or tags. Public advisories document this issue across multiple distribu...

CVE-2016-8859

Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of 1 states or 2 tags, which triggers an out-of-bounds write...

Integer overflow

Integer signedness error in libc/string/arm/memset.S in uClibc and uClibc-ng before 1.0.16 allows context-dependent attackers to cause a denial of service crash via a negative length value to the memset function...

unsorted bin attack analysis-vulnerability warning-the black bar safety net

One, Foreword This is before that article overflow using the FILE structure of the follow-up article, mentioned earlier is for the Shanghai network security contest pwn450 of technology to write articles, a total of two techniques, one is the overflow using the FILE structure of the body, one is...

By means of DynELF achieved without libc exploit summary-vulnerability warning-the black bar safety net

In the absence of the target system libc file of the case, we can use pwntools the DynELF module to leak address information, thereby acquiring to shell. This article for linux puts and write, respectively, shows the implementation of the DynELF key function of the leak method, and by a 3-CTF top...