Advantech WebAccess AspVCObj.AspDataDriven ActiveX Stack Buffer Overflow (CVE-2014-9208)

A stack buffer overflow vulnerability exists in Advantech's WebAccess SCADA software. The vulnerability is due to insufficient input validation of an argument of multiple functions in the AspVCObj ActiveX control. A remote, unauthenticated attacker can exploit this vulnerability by enticing a...

Last PassBroker 3.2.16 - Stack Buffer Overflow (PoC)

''' Exploit Title: Last PassBroker Stack-based BOF Date: 9/23/2015 Exploit Author: UnN0n Software Link: https://lastpass.com/download Version: 3.2.16 Tested on: Windows 7 x8632 BIT Steps to Produce the Crash: 1- open 'LastPassBroker.exe'. 2- A Input-Box will appear asking for Email and Password, ...

Reprise License Manager actserver and akey HTTP Parameters Parsing Stack Buffer Overflow

A stack buffer overflow vulnerability exists in the Reprise License Manager. The vulnerability is due to insufficient input validation of the actserver and akey parameters while processing a number of HTTP requests. Successful exploitation would lead to arbitrary code execution under the security...

[SECURITY] [DLA 324-1] binutils security update

Package : binutils Version : 2.20.1-16+deb6u2 CVE ID : CVE-2012-3509 Debian Bug : 688951 This update fixes several issues as described below. PR ld/12613 no CVE assigned Niranjan Hasabnis discovered that passing an malformed linker script to GNU ld, part of binutils, may result in a stack buffer...

DLA-324-1 binutils - security update

Bulletin has no description...

IKEView.exe Stack Buffer Overflow Vulnerability

IKEView.exe is a tool for checking Internet private key exchange in firewall packets. IKEView.exe does not perform proper boundary checks on user-submitted inputs, allowing an attacker to exploit the vulnerability to execute arbitrary code or conduct denial-of-service attacks...

Kaspersky Anti-Virus Stack Buffer Overflow Vulnerability

Kaspersky Anti-Virus is a suite of antivirus software developed by the Russian company Kaspersky Kaspersky. Kaspersky Anti-Virus suffers from a stack buffer overflow vulnerability. An attacker could exploit this vulnerability to execute arbitrary code on an affected system, which could also resul...

Adobe Flash Player <= 18.0.0.232 Multiple Vulnerabilities (APSB15-23)

The version of Adobe Flash Player installed on the remote Windows host is equal or prior to version 18.0.0.232. It is, therefore, affected by multiple vulnerabilities : - An unspecified stack corruption issue exists that allows a remote attacker to execute arbitrary code. CVE-2015-5567,...

OS X Regex Engine (TRE) - Stack Buffer Overflow Vulnerability

Exploit for macOS platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=428 OS X Libc uses the slightly obscure TRE regex engine http://laurikari.net/tre/ If used in enhanced mode by passing the REGENHANCED flag to regcomp TRE supports...

Kaspersky AntiVirus - CHM Parsing Stack Buffer Overflow

Source: https://code.google.com/p/google-security-research/issues/detail?id=524 Fuzzing CHM files with Kaspersky Antivirus produced the attached crash. 83c.fec: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This exception may be...

IBM HTTP Server Administration Server Stack Buffer Overflow Vulnerability

IBM WebSphere Application Server WAS is an application server product from IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform.IBM HTTP Server is a freeware product that comes with the IBM WAS product. IBM HTTP...

Yokogawa Multiple Product Stack Buffer Overflow Vulnerability

Yokogawa Japan Yokogawa Electric Corporation is a leader in measurement, industrial automation control, and information systems. A stack buffer overflow vulnerability exists in multiple Yokogawa products, which can be exploited by an attacker to cause network communications to be unresponsive by...

IKEView.exe R60 - Stack Buffer Overflow (PoC)

Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-IKEVIEWR60-0914.txt Vendor: ================================ www.checkpoint.com http://pingtool.org/downloads/IKEView.exe Product: ==================================================...

Amazon Linux: Security Advisory (ALAS-2015-492)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moxa SoftCMS RTSPVIDEO.rtspvideoCtrl.1 AudioRecord Method ip Argument Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Moxa SoftCMS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the AudioRecord...

Amazon Linux: Security Advisory (ALAS-2015-503)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

(0Day) ASUS TM-AC1900 httpd Stack Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the ASUS TM-1900. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HTTP header parsing routine. The issue lies in the failure to check the size of...

(0Day) Borland AccuRev Reprise License Server service_setup_doit Command Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the servicestartupdoit functionality of the Reprise License Manager service. The issue...

(0Day) Borland AccuRev Reprise License Server activate_doit Command akey Parameter Stack Buffer Overflow Vulnerability

This vulnerability allows remote attackers to cause a stack buffer overflow in the Reprise License Management service on installations of Borland AccuRev. Authentication is not required to exploit this vulnerability. The specific flaw exists within the activatedoit function of the service. The...

Mpxplay MultiMedia Commander 2.00a - .m3u Stack Buffer Overflow (PoC)

Mpxplay MultiMedia Commander 2.00a - .m3u Stack Buffer Overflow PoC Exploit Title: Mpxplay Multimedia Commander Stack-based BOF Date: 9/1/2015 Exploit Author: UnN0n Software Link: http://sourceforge.net/p/mpxplay/activity?source=projectactivity Version: V2.00a Tested on: Windows 7 x8632 BIT Steps...