158 matches found
Arbitrary Code Execution
openjpeg is vulnerable to arbitrary code execution. A stack-based buffer overflow in the pgxtoimage function in bin/jp2/convert.c allows an attacker to execute arbitrary code on the system or crash the application...
Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-32861)
Android is a free and open source operating system from Google based on the Linux kernel without GNU components. A buffer overflow vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to execute arbitrary code on the system...
MGASA-2020-0046 Updated ffmpeg packages fix security vulnerabilities
Updated ffmpeg packages fix security vulnerabilities: This update provides ffmpeg version 4.1.5, which fixes several bugs, and atleasst the follwing security vulnerabilities: In FFmpeg before 4.2, avcodecopen2 in libavcodec/utils.c allows a NULL pointer dereference and possibly unspecified other...
Huawei DP300 XML Parser Integer Overflow Vulnerability
Huawei DP300 is a video conferencing endpoint from Huawei, a Chinese company. An integer overflow vulnerability exists in the Huawei DP300 XML parser due to the XML parser failing to adequately validate incoming content. An authenticated, local attacker could launch a denial of service attack by...
Denial Of Service (DoS) Through Heap Buffer Overflow
ImageMagick is vulnerable to denial of service DoS attacks through a heap buffer overflow. A malicious user can pass a sfw file to the application to cause a heap buffer overflow, crashing the application...
VX Search Enterprise 9.9.12 Buffer Overflow
!/usr/bin/python Exploit Title : VX Search Enterprise v9.9.12 - 'Import Command' Buffer Overflow Discovery by : Anurag Srivastava Email : [email protected] Website : www.pyramidcyber.com Discovery Date : 22/08/2017 Software Link :...
Integer overflow
Integer overflow in the strxfrm function in the GNU C Library aka glibc or libc6 before 2.21 allows context-dependent attackers to cause a denial of service crash or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow...
The vulnerabilities of the Microsoft Office suite, including the Word Viewer program for reading doc files, the Office Compatibility Suite, and the Microsoft Word text editor, allow attackers to execute arbitrary code.
The vulnerabilities of the Microsoft Office suite, the Word Viewer program for reading doc files, the Office Compatibility Pack, and the Microsoft Word text editor are caused by buffer overflow attacks. Exploitation of these vulnerabilities can allow an attacker to execute arbitrary code using a...
Sam Spade 1.14 - Crawl Website Buffer Overflow
Exploit Title : Sam Spade 1.14 - Buffer OverFlow Date : 10/30/2015 Exploit Author : MandawCoder Contact : [email protected] Vendor Homepage : http://samspade.org Software Link : http://www.majorgeeks.com/files/details/samspade.html Version : 1.14 Tested on : XP Professional SP3 En x86 Categor...
Ultra-Mini-HTTPD-1.21---POST
Exploit Title: Ultra Mini HTTPD stack buffer overflow POST request Date: 16 Feb 2014 Exploit Author: Sumit Vendor Homepage: http://www.picolix.jp/ Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Version: 1.21 Tested on: Windows XP Professional SP3 A buffer overflow is triggere...
Unrar 3.9.3 - Local Stack Overflow Exploit
No description provided by source. !/usr/bin/perl =head1 TITLE Winrar = v3.93 Local Stack-based Overflow exploit =head2 DESCRIPTION This script triggers a buffer overflow attack against Unrar, the linux popular version of WinRar extractor. It was not developped to bypass non-executing stack...
RM Downloader 3.0.2.1 (.asx) Local Buffer Overflow (SEH)
No description provided by source. !/usr/bin/python Title: RM Downloader 3.0.2.1 .asx Local Buffer Overflow SEH Date: 03-29-2010 Author: b0telh0 Link: http://www.mini-stream.net/downloads/RMDownloader.exe Tested on: Windows XP SP3 windows/exec - 227 bytes EXITFUNC=process, CMD=calc.exe shellcode ...
Solaris 2.5/2.5.1/2.6/7.0 sadmind Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/866/info Certain versions of Solaris ship with a version of sadmind which is vulnerable to a remotely exploitable buffer overflow attack. sadmind is the daemon used by Solstice AdminSuite applications to perform distribut...
MediaHouse Software Statistics Server LiveStats 5.2 - Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1568/info Mediahouse Statistics Server LiveStats is susceptible to a buffer overflow attack if a URL in a GET request contains over 2030 bytes. Depending on the data inserted into the request, the application will crash o...
CVE-2013-1591
Stack-based buffer overflow in libpixman, as used in Pale Moon before 15.4 and possibly other products, has unspecified impact and context-dependent attack vectors. NOTE: this issue might be resultant from an integer overflow in the fastcompositescaledbilinear function in pixman-inlines.h, which...
AIX 5.3 TL 8 : libtt (IZ52845)
There is a buffer overflow vulnerability in the ToolTalk library libtt.a. A remote attacker can exploit this vulnerability when the rpc.ttdbserver is enabled in /etc/inetd.conf. The successful exploitation of this vulnerability allows a remote attacker to execute arbitrary code as the root user...
Unrar 3.9.3 - Local Stack Overflow
Unrar 3.9.3 - Local Stack Overflow !/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820;...
Unrar 3.9.3 - Local Stack Overflow
!/usr/bin/perl =head1 TITLE Winrar http://www.shell-storm.org/shellcode/files/shellcode-752.php use constant SHELLCODE = "\x31\xc9\xf7\xe1\x51\x68\x2f\x2f" . "\x73\x68\x68\x2f\x62\x69\x6e\x89" . "\xe3\xb0\x0b\xcd\x80"; use constant BUFF = '-' . '3lrvs' x 820; $pname = "/usr/bin/unrar"; die "-File...
RealWin SCADA Server DATAC Login Buffer Overflow
This module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.1 Build 6.0.10.10 or earlier. By sending a specially crafted OnFCCONNECTFCSLOGIN packet containing a long username, an attacker may be able to execute arbitrary code. This module requires Metasploit...
BarCodeWiz ActiveX LoadProperties Buffer Overflow
Added: 05/23/2011 CVE: CVE-2010-2932 BID: 42097 OSVDB: 66882 Background BarCodeWiz Barcode ActiveX Control is a tool for generating barcodes in Microsoft Office documents, and for Visual Basic, Visual C++, VB.NET, C, or Delphi developer looking to include barcodes in programs. Problem The...