172 matches found
shopify-scripts: Invalid memory access in `mrb_str_format`
Only affects mruby because mruby-engine doesn't have sprintf. I should have filed this last friday before I went to the pub, so missed out on higher bounties. Oh well! Crash file is: sprintf"%1$c", 0 Crash is: $ lldb ./bin/mruby ../crash.rb lldb target create "./bin/mruby" Current executable set ...
(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName/NodeName sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C7C IOCTL in the BwOpcTool subsystem. A stack-based buff...
(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C71 IOCTL in the BwOpcTool subsystem. A stack-based buff...
Advantech WebAccess datacore Service datacore.exe sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x7920 IOCTL in the Kernel subsystem. A stack-based buffer...
Advantech WebAccess webvrpcs Service BwpAlarm.dll sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x1136A IOCTL in the BwpAlarm subsystem. A stack-based buffe...
Advantech WebAccess webvrpcs Service BwOpcSvc.dll WindowName sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x1389F IOCTL in the BwOpcTool subsystem. A stack-based buff...
Updated perl-DBD-Firebird packages fix CVE-2015-2788
Updated perl-DBD-Firebird packages fix security vulnerability: Stefan Roas discovered a way to cause a buffer overflow in DBD::FireBird in certain error conditions, due to the use of the sprintf function to write to a fixed-size memory buffer CVE-2015-2788...
Debian Security Advisory DSA 3219-1 (libdbd-firebird-perl - security update)
Stefan Roas discovered a way to cause a buffer overflow in DBD-FireBird, a Perl DBI driver for the Firebird RDBMS, in certain error conditions, due to the use of the sprintf function to write to a fixed-size memory buffer. OpenVAS Vulnerability Test $Id: deb3219.nasl 6609 2017-07-07 12:05:59Z...
Fred N. van Kempen dip 3.3.7 - Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/86/info A buffer overflow resides in 'dip-3.3.7o' and derived programs. This is a problem only on systems where 'dip' is installed setuid. The culpable code is an 'sprintf' in line 192 in 'main.c': sprintfbuf, %s/LCK..%s,...
DATAC RealWin <= 2.0 (Build 6.1.8.10) Buffer Overflow Vulnerabilities
No description provided by source. Source: http://aluigi.org/adv/realwin1-adv.txt Luigi Auriemma Application: DATAC RealWin http://www.dataconline.com/software/realwin.php http://www.realflex.com Versions: = 2.0 Build 6.1.8.10 Platforms: Windows Bugs: A stack overflow in SCPCINITIALIZE and...
VLC MMS Stream Handling Buffer Overflow
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
Darxite 0.4 Login Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1598/info Darxite 0.4 does not do proper bounds checking on user-supplied data during the login process, relying on sprintf to deliver the data into a 256 character buffer. Therefore, it is possible for an attacker to...
British National Corpus SARA 0 Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10984/info sarad is reported prone to a buffer overflow vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. A remote attacker can trigger the overflow condition by supplying a...
CVE-2014-1545
Mozilla Netscape Portable Runtime NSPR before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via vectors involving the sprintf and console functions...
DEBIAN-CVE-2014-1545
Mozilla Netscape Portable Runtime NSPR before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via vectors involving the sprintf and console functions...
CVE-2014-1545
Mozilla Netscape Portable Runtime NSPR before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via vectors involving the sprintf and console functions...
CVE-2014-1545
Mozilla Netscape Portable Runtime NSPR before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service out-of-bounds write via vectors involving the sprintf and console functions...
D-Link DIR-605L Captcha Handling Buffer Overflow
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Boa/ include Msf::Exploit::Remote::HttpClient def initializeinfo = superupdateinfoinfo, 'Name' = 'D-Link DIR-605L Captcha Handling...
D-Link DIR-605L Captcha Handling Buffer Overflow Vulnerability
This Metasploit module exploits an anonymous remote code execution on D-Link DIR-605L routers. The vulnerability exists while handling user supplied captcha information, and is due to the insecure usage of sprintf on the getAuthCode function. This Metasploit module has been tested successfully on...
D-Link DIR-605L - Captcha Handling Buffer Overflow (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 /Boa/ include Msf::Exploit::Remote::HttpClient def initializeinfo = superupdateinfoinfo, 'Name' = 'D-Link DIR-605L Captcha Handling...