CVE-2014-9659

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow via a crafted OpenType font. NOTE: this...

CVE-2014-9659

CVE-2014-9659 affects FreeType’s CFF CharString interpreter (cff/cf2intrp.c) prior to 2.5.4. After computing the hint mask, it proceeds with additional hints, allowing a crafted OpenType font to cause remote arbitrary code execution or a stack-based buffer overflow (DoS). Root cause noted as an i...

CVE-2014-9659

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow via a crafted OpenType font. NOTE: this...

Apple-QuickTime-7.5-(.m3u)

Apple QuickTime is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result i...

CVE-2014-9200

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM...

CVE-2014-9200 Schneider Electric Device Type Managers (DTMs) Stack-based Buffer Overflow

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM...

CVE-2014-5211

Stack-based buffer overflow in the Attachmate Reflection FTP Client before 14.1.433 allows remote FTP servers to execute arbitrary code via a large PWD response...

CVE-2014-5211

CVE-2014-5211 affects Attachmate Reflection FTP Client prior to 14.1.433. It is a stack-based buffer overflow caused by insufficient boundary checking when processing the PWD command response, allowing remote code execution in the context of the current user. Exploitation involves a crafted large...

CVE-2014-8158

Multiple stack-based buffer overflows in jpcqmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted JPEG 2000 image...

CVE-2014-8158

JasPer 1.900.1 and earlier contain multiple stack-based buffer overflows in jpc_qmfb.c, enabling remote attackers to crash or possibly execute arbitrary code via crafted JPEG 2000 images. The issue (CVE-2014-8158) affects the JasPer JPEG-2000 library; impact is a denial of service and potential c...

CVE-2014-8158

Multiple stack-based buffer overflows in jpcqmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted JPEG 2000 image...

Oracle Solaris Third-Party Patch Update : icu (multiple_vulnerabilities_in_international_components)

The remote Solaris system is missing necessary patches to address security updates : - The International Components for Unicode ICU functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

GetGo Download Manager HTTP Response Buffer Overflow Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'GetGo Download Manager HTTP Response Buffer Overflow', 'Description' = %q...

Oracle Solaris Third-Party Patch Update : bash (cve_2012_3410_stack_based)

The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled...

Oracle Solaris Third-Party Patch Update : libtiff (cve_2012_5581_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in tifdir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image...

Oracle Solaris Third-Party Patch Update : quagga (cve_2013_2236_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in the newmsglsachangenotify function in the OSPFD API ospfapi.c in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers...

GetGo Download Manager HTTP Response Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'GetGo Download Manager HTTP Response Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow...

Updated ettercap packages fix security vulnerabilities

Updated ettercap package fixes security vulnerabilities: Heap-based buffer overflow in the dissectorpostgresql function in dissectors/ecpostgresql.c in Ettercap before 8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value...

CVE-2014-9451

Multiple stack-based buffer overflows in the DIVA web service API /webservice in VDG Security SENSE formerly DIVA 2.3.13 allow remote attackers to execute arbitrary code via the 1 user or 2 password parameter in an AuthenticateUser request...

CVE-2014-8184

A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable in liblouis. An attacker could create a malicious file that would cause applications that use liblouis such as Orca to crash, or potentially execute arbitrary code when opened...