CVE-2019-3953

CVE-2019-3953 affects Advantech WebAccess/SCADA 8.4.0. A stack-based buffer overflow exists when handling IOCTL 10012 RPC calls, allowing a remote, unauthenticated attacker to execute arbitrary code. The entry is corroborated by multiple sources (NVD and national/national vulnerability databases)...

Thunderbird ESR < 60.7.XXX - icalrecur_add_bydayrules Stack-Based Buffer Overflow Vulnerability

Stack-based buffer overflow in Thunderbird ========================================== Severity Rating: High Confirmed Affected Versions: All versions affected Confirmed Patched Versions: Thunderbird ESR 60.7.XXX Vendor: Thunderbird Vendor URL: https://www.thunderbird.net/ Vendor Reference:...

Netperf 2.6.0 - Stack-Based Buffer Overflow Exploit

Exploit Author: Juan Sacco - http://exploitpack.com Tested on: Kali i686 GNU/Linux Description: Netperf 2.6.0 s a benchmark tool than developed by Helett Packard that can be used to measure the performance of many different types of networking. It provides tests for both unidirectional troughput...

Stack overflow

A stack-based buffer overflow can occur for specially crafted PDF files in Foxit Reader SDK ActiveX 5.4.0.1031 when parsing the URI string. An attacker can leverage this to gain remote code execution...

CVE-2018-19447

Foxit PDF SDK ActiveX vulnerability CVE-2018-19447 affects Foxit Reader SDK ActiveX Std/Pro 5.4.0.1031, where parsing URI strings can trigger a stack-based buffer overflow, enabling remote code execution. Root cause: unchecked URI parsing in the ActiveX component. Reported impact: remote code exe...

SUSE-SU-2019:1495-1 Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following security issues: - CVE-2019-11703: Fixed a heap-based buffer overflow in icalmemorystrdupanddequote bsc1137595. - CVE-2019-11704: Fixed a heap-based buffer overflow in parsergetnextchar bsc1137595. - CVE-2019-11705: Fixed a stack-based buffer...

Stack overflow

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevate...

CVE-2019-6989

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevate...

CVE-2019-6989

CVE-2019-6989 describes a stack-based buffer overflow in TP-LINK TL-WR940N (and TL-WR941ND) caused by improper bounds checking in ipAddrDispose. The vulnerability can be triggered by specially crafted ICMP echo requests, allowing a remote authenticated attacker to overflow a buffer and execute ar...

CVE-2019-12493

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allo...

CVE-2019-12493

A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allo...

CVE-2019-10967

The CVE-2019-10967 entry concerns Emerson Ovation OCR400 Controller with OCR400 v3.3.1 or earlier. A stack-based buffer overflow in the embedded third‑party FTP server arises from improper handling of a long file name in the LIST command, potentially overwriting buffers and enabling remote code e...

CVE-2019-12360

A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump...

Advantech WebAccess < 8.3.5 Multiple Vulnerabilities (ICSA-19-092-01)

Binary data 700723.prm...

Axessh 4.2 - (Log file name) Local Stack-based Buffer Overflow Exploit

Exploit for windows platform in category local exploits Title: Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow Date: May 23rd, 2019 Author: Uday Mittal https://github.com/yaksas443/YaksasCSC-Lab/ Vendor Homepage: http://www.labf.com Software Link:...

Axessh 4.2 - &#039;Log file name&#039; Local Stack-based Buffer Overflow

Title: Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow Date: May 23rd, 2019 Author: Uday Mittal https://github.com/yaksas443/YaksasCSC-Lab/ Vendor Homepage: http://www.labf.com Software Link: http://www.labf.com/download/axessh.exe Version v4.2 Tested on: Windows 7 SP1 EN x86...

Stack overflow

In GoHttp through 2017-07-25, there is a stack-based buffer over-read via a long User-Agent header...

CVE-2019-12159

GoHTTP through 2017-07-25 has a stack-based buffer over-read in the scan function when called from getRequestType via a long URL...

Security Bulletin: Vulnerabilities in the Linux Kernel affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in the Linux Kernel. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2018-1000026 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the improper validation of user-supplied input by the bnx2x...

Stack-Based Buffer Overflow

PHP is vulnerable to stack-based buffer overflow attacks. An attacker could exploit a flaw in the zendinidoop function in Zend/zendiniparser.c file. which may leads to a denial of serviceDoS or potentially execute arbitrary code...