3665 matches found
UBUNTU-CVE-2016-20037
xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by...
CVE-2017-20228
CVE-2017-20228 concerns Flat Assembler 1.71.21, which contains a stack-based buffer overflow. The vulnerability arises from oversized input (exceeding 5895 bytes) fed to the application, enabling local attackers to overwrite the instruction pointer and construct return-oriented programming chains...
CVE-2017-20228
Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Attackers can craft malicious assembly input exceeding 5895 bytes to overwrite the instruction pointer and execute...
CVE-2017-20228 Flat Assembler 1.71.21 Stack-Based Buffer Overflow ROP
Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Attackers can craft malicious assembly input exceeding 5895 bytes to overwrite the instruction pointer and execute...
CVE-2016-20048 iSelect 1.4.0-2+b1 Local Buffer Overflow via key parameter
iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Attackers can craft a malicious argument containing a NOP sled, shellcode, and return address to overflow a 1024-byte...
CVE-2016-20048
iSelect 1.4.0-2+b1 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized value to the -k/--key parameter. Attackers can craft a malicious argument containing a NOP sled, shellcode, and return address to overflow a 1024-byte...
CVE-2016-20046
zFTP Client 20061220+dfsg3-4.1 contains a buffer overflow vulnerability in the NAME parameter handling of FTP connections that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized NAME value exceeding the 80-byte buffer allocated in strcpych...
CVE-2016-20043 NRSS RSS Reader 0.3.9-1 Stack Buffer Overflow
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the...
CVE-2016-20043
NRSS RSS Reader 0.3.9-1 is affected by a local stack buffer overflow. An attacker can pass an oversized argument to the -F parameter, crafting input with 256 bytes of padding followed by a controlled EIP value to overwrite the return address and execute arbitrary code. This is a local vulnerabili...
CVE-2016-20043
NRSS RSS Reader 0.3.9-1 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the -F parameter. Attackers can craft a malicious input with 256 bytes of padding followed by a controlled EIP value to overwrite the...
CVE-2016-20042 TRN 3.6-23 Stack Buffer Overflow Local Code Execution
TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return address to overwrite the...
CVE-2016-20042 TRN 3.6-23 Stack Buffer Overflow Local Code Execution
TRN 3.6-23 contains a stack buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized argument to the application. Attackers can craft a malicious command-line argument with 156 bytes of padding followed by a return address to overwrite the...
CVE-2016-20041
Removed by vendor...
CVE-2016-20040 TiEmu 3.03-nogdb+dfsg-3 Buffer Overflow via ROM Parameter
TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized ROM parameter to the tiemu command-line interface to overflow the stack buffer and...
CVE-2016-20040
TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability in the ROM parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized ROM parameter to the tiemu command-line interface to overflow the stack buffer and...
CVE-2016-20039 Multi Emulator Super System 0.154-3.1 Buffer Overflow
Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulnerability in the gamma parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized gamma parameter value to overflow the stack buffer and overwrite the...
CVE-2016-20039
CVE-2016-20039 affects Multi Emulator Super System 0.154-3.1. The vulnerability is a buffer overflow in the gamma parameter handling that permits a local attacker to crash the application or execute arbitrary code by supplying an oversized gamma value, overflowing a stack buffer and overwriting t...
CVE-2016-20039
Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulnerability in the gamma parameter handling that allows local attackers to crash the application or execute arbitrary code. Attackers can supply an oversized gamma parameter value to overflow the stack buffer and overwrite the...
CVE-2016-20038
CVE-2016-20038 affects yTree 1.94-1.1 and is caused by a stack-based buffer overflow triggered by an excessively long command-line argument. This allows a local attacker to execute arbitrary code by injecting shellcode and a crafted return address to overwrite the stack. Exploitation is described...
CVE-2016-20038
yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Attackers can craft a malicious command-line argument containing shellcode and a return address to overwrite the...