CVE-2015-8277

Multiple buffer overflows in 1 lmgrd and 2 Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow remote attackers to execute arbitrary code via a crafted packet with opcode a 0x107 or b 0x10a...

Buffer overflow

Multiple buffer overflows in 1 lmgrd and 2 Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow remote attackers to execute arbitrary code via a crafted packet with opcode a 0x107 or b 0x10a...

IBM Tivoli Storage Manager FastBack Server Opcode 4115 Buffer Overflow (CVE-2015-4931)

A buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient boundary checking on parameters in opcode 4115 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP...

IBM Tivoli Storage Manager FastBack Server Opcode 0x534 Denial of Service

This module exploits a denial of service condition present in IBM Tivoli Storage Manager FastBack Server when dealing with packets triggering the opcode 0x534 handler. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

Libgraphite directrun Opcode Handling Code Execution Vulnerability

Talos Vulnerability Report TALOS-2016-0058 Libgraphite directrun Opcode Handling Code Execution Vulnerability February 5, 2016 CVE Number CVE-2016-1521 Description An exploitable out-of-bounds read vulnerability exists in the opcode handling functionality of Libgraphite. A specially crafted font...

IBM Tivoli Storage Manager FastBack Server Format String (CVE-2015-1953; CVE-2015-1986)

A format string vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient sanitization on parameters of Opcode 1301 requests.A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP.Successf...

IBM Tivoli Storage Manager FastBack Server Opcode 1329 Buffer Overflow (CVE-2015-1924)

A buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient boundary checking on parameters in opcode 1329 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP...

Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption

Source: https://code.google.com/p/google-security-research/issues/detail?id=525 Fuzzing packed executables found the attached crash, it might be usable as an information leak as part of another bug, so filing as a low-risk bug. If I had to guess, I would say this is the ExeCryptor unpacker...

Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption

Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption Source: https://code.google.com/p/google-security-research/issues/detail?id=525 Fuzzing packed executables found the attached crash, it might be usable as an information leak as part of another bug, so filing as a low-risk bug. If I had t...

3S-Smart Software Solutions CODESYS Gateway Server Heap Buffer Overflow Vulnerability

3S-Smart Software Solutions CoDeSys is a set of PLC programmable logic controller software programming tools from 3S-Smart Software Solutions, Germany.CODESYS Gateway Server is one of the CODESYS Gateway Servers. A heap buffer overflow vulnerability exists in 3S-Smart Software Solutions CODESYS...

CVE-2015-6460

Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote attackers to execute arbitrary code via opcode 1 0x3ef or 2 0x3f0...

IBM Tivoli Storage Manager FastBack Server Opcode 1365 Files Restore Agents Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1365. By sending a crafted packet on TCP...

IBM Tivoli Storage Manager FastBack Server Opcode 1365 Volumes Restore Agents Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1365. By sending a crafted packet on TCP...

IBM Tivoli Storage Manager FastBack Server Opcode 4755 Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 4755. By sending a crafted packet on TCP...

IBM Tivoli Storage Manager FastBack Server Opcode 8192 Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 8192. By sending a crafted packet on TCP...

IBM Tivoli Storage Manager FastBack Server Opcode 4115 Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 4115. By sending a crafted packet on TCP...

CVE-2015-5158

Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAPSYSRAWIO permissions to cause a denial of service instance crash via an invalid opcode in a SCSI command descriptor block...

From inter to intra: gaining reliability

Posted by Chris Evans, avoider of crossing heap lines. Part 2 of 4. In the first post in this series, we concluded with a traditional exploit for Adobe Flash bug 324, and noted that it could never be 100% reliable. We also challenged ourselves to do better! Is there some way we can leverage the...

IBM Tivoli Storage Manager FastBack Server Opcode 1301 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1301. By sending a crafted packet on TCP...

IBM Tivoli Storage Manager FastBack Server Opcode 1331 lza32 Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of opcode 1331. By sending a crafted packet on TCP port...