Stack overflow

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request,...

CVE-2017-15134

CVE-2017-15134 affects 389-ds-base via a stack buffer overflow in slapi_filter_sprintf() when processing certain LDAP search filters. Impact: remote, unauthenticated denial of service by crashing ns-slapd. Affected versions include 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, and ...

Stack overflow

A stack-based buffer overflow Remote Code Execution issue was discovered in Design Science MathType 6.9c. This occurs in a function call in which the first argument is a corrupted offset value and the second argument is a stack buffer. This is fixed in 6.9d...

CVE-2017-15860

In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur...

Stack overflow

In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur...

CVE-2017-15860

CVE-2017-15860 affects Qualcomm WLAN in Android CAF builds using the Linux kernel. In these releases, processing an encrypted authentication management frame can trigger a stack buffer overflow in the Qualcomm component, with the Android bulletin listing this as a Remote Code Execution (RCE) vuln...

libreoffice/lwpfuzzer: Stack-buffer-overflow in vcl::bitmap::CreateFromData

Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=5090493626056704 Project: libreoffice Fuzzer: libFuzzerlibreofficelwpfuzzer Fuzz target binary: lwpfuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type:...

Pdfium - Pattern Shading Integer Overflows

This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in cpdfrenderstatus.cpp rely on a helper function to compute the numb...

EulerOS 2.0 SP2 : 389-ds-base (EulerOS-SA-2018-1033)

According to the version of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could...

EulerOS 2.0 SP1 : 389-ds-base (EulerOS-SA-2018-1032)

According to the version of the 389-ds-base packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could...

ImageMagick ComputeResizeImage function stack buffer vulnerability

ImageMagick is a software for creating, editing, and compositing images that can read, convert, and write images in many formats. A stack buffer vulnerability exists in the ComputeResizeImage function in the MagickCore/accelerate.c file in ImageMagick 7.0.7-22. A remote attacker can cause a denia...

imagemagick/encoder_miff_fuzzer: Stack-buffer-overflow in QueryColorCompliance

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=4843070479663104 Project: imagemagick Fuzzer: aflimagemagickencodermifffuzzer Fuzz target binary: encodermifffuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

gdal/gdal_fuzzer: Stack-buffer-overflow in SENTINEL2Dataset::OpenL1C_L2A

Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5106216549220352 Project: gdal Fuzzer: aflgdalfuzzer Fuzz target binary: gdalfuzzer Job Type: aflasangdal Platform Id: linux Crash Type: Stack-buffer-overflow READ 4 Crash Address: 0x7f36692a5154 Crash...

Updated 389-ds-base packages fix security vulnerability

A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service CVE-2017-15134...

imagemagick/encoder_label_fuzzer: Stack-buffer-overflow in FxEvaluateSubexpression

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5681757736140800 Project: imagemagick Fuzzer: aflimagemagickencoderlabelfuzzer Fuzz target binary: encoderlabelfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

CVE-2018-6767

An out-of-bounds stack buffer read flaw was found in WavPack. This flaw could potentially be used to crash WavPack CLI utilities by tricking them into processing specially crafted WAVE files...

openthread/ip6-send-fuzzer: Stack-buffer-overflow in ot::NetworkData::ServiceTlv::IsThreadEnterprise

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5472780666535936 Project: openthread Fuzzer: aflopenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow...

proj4/standard_fuzzer: Stack-buffer-overflow in pj_cs2cs_emulation_setup

Detailed report: https://oss-fuzz.com/testcase?key=4684634437713920 Project: proj4 Fuzzer: libFuzzerproj4standardfuzzer Fuzz target binary: standardfuzzer Job Type: libfuzzerasanproj4 Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address: 0x7f090b761408 Crash State:...

openthread/ip6-send-fuzzer: Stack-buffer-overflow in ot::NetworkData::ServerTlv::GetServer16

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5507424543834112 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type:...

openthread/ip6-send-fuzzer: Stack-buffer-overflow in ot::NetworkData::ServiceTlv::IsThreadEnterprise

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=6188652393660416 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthread Platform Id: linux Crash Type:...