5905 matches found
VLC Media Player RTSP Plugin Stack Buffer Overflow (CVE-2013-6933)
A stack buffer overflow exists in VideoLAN VLC Media Player. The vulnerability is due an error in VLC's embedded Live555 RTSP library, when handling RTSP requests. Incorrect handling of RTSP commands can result in a stack buffer overflow. A remote unauthenticated attacker could exploit this...
HP AIO Archive Query Server oasoa.exe Stack Buffer Overflow (CVE-2013-6189)
A stack buffer overflow vulnerability exists in HP Application Information Optimizer. The vulnerability is due to insufficient sanitization on the range of the opcode value. A remote unauthenticated attacker can leverage this vulnerability by sending crafted messages to the server...
Avaya多个IP电话命令注入和栈缓冲区溢出漏洞
Bugtraq ID:65842 Avaya IP Phones是IP电话系统。 Avaya多个IP Phones存在命令注入和基于栈的缓冲区溢出漏洞,允许远程攻击者利用漏洞使应用程序崩溃或执行任意shell命令。 0 Avaya IP Phones 厂商补丁: Avaya ----- 用户可参考如下厂商提供的安全补丁以修复该漏洞: http://www.avaya.com/...
Wireshark DECT Dissector Stack Buffer Overflow - Ver2 (CVE-2011-1591)
A stack buffer overflow vulnerability has been reported in Wireshark DECT dissector. The vulnerability is caused due to improper bounds checking. A remote attacker can exploit this vulnerability by enticing a user to read a specially crafted packet trace file. Successful exploitation would allow ...
Linksys WRT120N 'fprintf()'函数远程栈缓冲区溢出漏洞
BUGTRAQ ID: 65860 WRT120N是无线家庭路由器产品。 Linksys WRT120N(固件版本1.0.07)在函数 "fprintf"的实现上存在边界错误,可导致栈缓冲区溢出,任意代码执行。 0 Linksys WRT120N 1.0.07 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.linksys.com...
VCDGEAR 3.50 Stack Buffer Overflow
Author: Provensec www.provensec.com Tested on XP SP3 / Windows 7 Description: VCDGEAR 3.50 is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker can exploit this issue to execute arbitrary code...
Notepad++ CCompletion Plugin 1.19 - Local Stack Buffer Overflow
Notepad++ CCompletion Plugin 1.19 - Local Stack Buffer Overflow Application:Notepad++ Version:6.5.2 UNICODE Get the application from: http://notepad-plus-plus.org/download/v6.5.2.html Plugin:CCompletion Version: Version 1.19 Unicode Get the plugin from:...
Dassault Systemes Catia栈缓冲区溢出漏洞
BUGTRAQ ID: 65675 Catia V5-6R2013是法国达索系统(Dassault Systemes)公司开发的一套跨平台的商业3维CAD设计软件。 Catia V5-6R2013版本中存在基于栈的缓冲区溢出漏洞,该漏洞源于应用程序没有对用户提交的数据进行充分的执行边界检查。攻击者可利用该漏洞在应用程序上下文中执行任意代码,也可能造成拒绝服务。 0 Catia V5-6R2013 目前厂商暂无提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...
Linksys WRT120N tmUnblock Stack Buffer Overflow
This module exploits a stack-based buffer overflow vulnerability in the WRT120N Linksys router to reset the password of the management interface temporarily to an empty value. This module has been tested successfully on a WRT120N device with firmware version 1.0.07. This module requires Metasploi...
Catia V5-6R2013 Stack Buffer Overflow
Exploit Title: Dassault Systemes Catia V5-6R2013 "CATV5AllApplications" Stack Buffer Overflow Date: 2-18-2014 Exploit Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 &...
Catia V5-6R2013 - 'CATV5_Backbone_Bus' Stack Buffer Overflow (PoC)
''' Title: Dassault Syst�mes Catia V5-6R2013 "CATV5BackboneBus" Stack Buffer Overflow Date: 2-18-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 & Windows XP...
SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 Buffer Overflow
Exploit Title: SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 Remote Code Execution Vulnerability Date: 2-18-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.solidworks.com/sw/products/product-data-management/workgroup-pdm.htm Tested on: Windows 7...
Catia V5-6R2013 - 'CATV5_AllApplications' Stack Buffer Overflow (PoC)
''' Exploit Title: Dassault Systemes Catia V5-6R2013 "CATV5AllApplications" Stack Buffer Overflow Date: 2-18-2014 Exploit Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.3ds.com/products-services/catia/portfolio/catia-v5/latest-release/ Tested on: Windows 7 &...
VideoCharge Studio - 'CHTTPResponse::GetHttpResponse()' Remote Stack Buffer Overflow
source: https://www.securityfocus.com/bid/65685/info VideoCharge Studio is prone to a remote stack-based buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Successful exploits allow remo...
SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 - Denial of Service
''' Exploit Title: SolidWorks Workgroup PDM 2014 SP2 Opcode 2001 Remote Code Execution Vulnerability Date: 2-18-2014 Author: Mohamed Shetta Email: mshetta |at| live |dot| com Vendor Homepage: http://www.solidworks.com/sw/products/product-data-management/workgroup-pdm.htm Tested on: Windows 7...
Dassault Systemes Catia - Remote Stack Buffer Overflow
Dassault Systemes Catia - Remote Stack Buffer Overflow source: https://www.securityfocus.com/bid/65675/info Catia is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary-checks on user-supplied input. An attacker can exploit this issue to...
Ultra Mini HTTPd 1.21 - 'POST' Remote Stack Buffer Overflow (1)
Exploit Title: Ultra Mini HTTPD stack buffer overflow POST request Date: 16 Feb 2014 Exploit Author: Sumit Vendor Homepage: http://www.picolix.jp/ Software Link: http://www.vector.co.jp/soft/winnt/net/se275154.html Version: 1.21 Tested on: Windows XP Professional SP3 Description: A buffer overflo...
IBM Forms Viewer XFDL Form Processing Stack Buffer Overflow (CVE-2013-5447)
A stack buffer overflow vulnerability exists in IBM Forms Viewer. The vulnerability is due to an error when processing XFDL forms and can be exploited to cause a stack-based buffer overflow. A remote attacker can exploit this vulnerability by enticing a user to download and process a specially...
IBM Lotus Quickr ActiveX Stack Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Quickr for Domino. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within an ActiveX...
socat PROXY-CONNECT地址栈缓冲区溢出漏洞
BUGTRAQ ID: 65201 CVECAN ID: CVE-2014-0019 Socat是一个基于命令行的工具,可以创建两个双向字节流并在其间传输数据。 socat 1.3.0.0-1.7.2.2、2.0.0-b1-2.0.0-b6存在栈缓冲区溢出漏洞,本地用户通过命令行内PROXY-CONNECT地址中的超长服务器名称,即可利用此漏洞在受影响应用中执行任意代码。 0 socat socat 2.0.0-b1 - 2.0.0-b6 socat socat 1.3.0.0 - 1.7.2.2 厂商补丁: socat -----...