14 matches found
CVE-2021-27425
Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-27425
Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-27425
Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
Integer overflow
Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-27425 Cesanta Software Mongoose-OS Integer Overflow or Wraparound
Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-27425 Cesanta Software Mongoose-OS Integer Overflow or Wraparound
Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mmmalloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...
CVE-2021-27425
CVE-2021-27425 affects Cesanta Software Mongoose-OS v2.17.0. The vulnerability is an integer wrap-around in mm_malloc that can cause improper memory assignment and arbitrary memory allocation, leading to a crash or remote code injection/execution. Public references (NVD/Red Hat/CVE list) corrobor...
PT-2021-19559 · Cesanta · Mongooseos Mjs
Name of the Vulnerable Software and Affected Versions: Cesanta MongooseOS mJS version 1.26 Description: A maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs json parse, potentially leading to redirection of control flow. The original reporter disputes the...
Cesanta Mongoose Embedded Web Server Library and Mongoose OS Memory Misreference Vulnerability
Cesanta Mongoose Embedded Web Server Library and Mongoose OS are both products of the American company Cesanta. The former is a web library for embedded web servers; the latter is an open source operating system for the Internet of Things. A memory misreference exists in the...
CVE-2017-7185
CVE-2017-7185 is a use-after-free in Cesanta’s Mongoose Embedded Web Server Library (mg_http_multipart_wait_for_boundary) affecting versions<=6.7 and Mongoose OS
Cesanta Mongoose OS - Use-After-Free
COMPASS SECURITY ADVISORY https://www.compass-security.com/en/research/advisories/ Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors: Philipp Promeuschel Carel van Rooyen...
Cesanta Mongoose OS - Use-After-Free Vulnerability
Exploit for hardware platform in category dos / poc Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors: Philipp Promeuschel Carel van Rooyen Stephan Sekula Date: 2017-04-03...
Cesanta Mongoose OS - Use-After-Free
Cesanta Mongoose OS - Use-After-Free COMPASS SECURITY ADVISORY https://www.compass-security.com/en/research/advisories/ Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors:...
Mongoose OS 1.2 Use-After-Free / Denial Of Service
COMPASS SECURITY ADVISORY https://www.compass-security.com/en/research/advisories/ Product: Mongoose OS Vendor: Cesanta CVE ID: CVE-2017-7185 CSNC ID: CSNC-2017-003 Subject: Use-after-free / Denial of Service Risk: Medium Effect: Remotely exploitable Authors: Philipp Promeuschel Carel van Rooyen...