Stack overflow

XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted JPEG 2000 file that is mishandled during the opening of a directory in "Browser" mode, because of a "Stack Buffer Overrun" issue...

CVE-2017-10743

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Stack Buffer Overrun /GS Exception starting at ntdll77df0000!LdrpInitializeNode+0x000000000000015b."...

CVE-2017-8781

XnView Classic for Windows Version 2.40 allows user-assisted remote attackers to execute code via a crafted JPEG 2000 file that is mishandled during the opening of a directory in "Browser" mode, because of a "Stack Buffer Overrun" issue...

CVE-2017-10743

XnView Classic for Windows 2.40 is vulnerable to a buffer-overrun in a crafted .rle file, related to a Stack Buffer Overrun at ntdll_77df0000!LdrpInitializeNode. This can allow arbitrary code execution or a denial of service. No remediation details are provided in the documents.

CVE-2017-9225

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigencunicodegetcasefoldcodesbystr occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in...

CVE-2017-9227

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbcenclen during regular expression searching. Invalid handling of reg-dmin in forwardsearchrange could result in an invalid pointer...

Microsoft Skype Stack Buffer Overflow Vulnerability

Microsoft Skype is a suite of instant messaging software from the American company Microsoft. A stack buffer overflow vulnerability exists in Microsoft Skype. An attacker could exploit this vulnerability to cause a denial of service software crash and execute code...

CVE-2017-9948

CVE-2017-9948: A stack buffer overflow in Skype's MSFTEDIT.DLL arises from mishandling images copied from an RDP session clipboard, affecting Skype versions 7.2, 7.35, and 7.36 prior to 7.37. The issue allows remote/local exploitation to crash or potentially execute code, as described across mult...

CVE-2017-9928

In lrzip 0.631, a stack buffer overflow was found in the function getfileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file...

CVE-2017-9929

In lrzip 0.631, a stack buffer overflow was found in the function getfileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file...

CVE-2017-9928

In lrzip 0.631, a stack buffer overflow was found in the function getfileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file...

CVE-2017-9929

In lrzip 0.631, a stack buffer overflow was found in the function getfileinfo in lrzip.c:1074, which allows attackers to cause a denial of service via a crafted file...

CVE-2017-9929

lrzip 0.631 is affected by a stack-based buffer overflow in get_fileinfo (CVE-2017-9929), enabling DoS via crafted files. Debian/Ubuntu advisories (DLA-2725-1, USN-5171-1/2) indicate fixes in updated packages and list related CVEs (CVE-2017-8844, -8846, -9928, -9929, -2018-5650, -2018-5747, -2018...

[ASA-201706-33] poppler: arbitrary code execution

Arch Linux Security Advisory ASA-201706-33 ========================================== Severity: High Date : 2017-06-26 CVE-ID : CVE-2017-9775 CVE-2017-9776 Package : poppler Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-326 Summary ======= The package...

PT-2017-19292 · Lrzip +1 · Lrzip +1

Name of the Vulnerable Software and Affected Versions: lrzip version 0.631 Description: A stack buffer overflow was found in the get fileinfo function in lrzip.c at line 1074, which allows attackers to cause a denial of service via a crafted file. Recommendations: For lrzip version 0.631, conside...

LAME 3.99.5 - 'III_dequantize_sample' Stack Buffer Overflow

Description: lame is a high quality MPEG Audio Layer III MP3 encoder licensed under the LGPL. Few notes before the details of this bug. Time ago a fuzz was done by Brian Carpenter and Jakub Wilk which posted the results on the debian bugtracker. In cases like this, when upstream is not active and...

Microsoft Skype - v7.x Stack Buffer Overflow Vulnerability

Document Title: =============== Microsoft Skype - v7.x Stack Buffer Overflow Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2084 Video: https://www.youtube.com/watch?v=VUx2TSJ36-g Advisory: https://www.vulnerability-lab.com/getcontent.php?id=2071...

CVE-2017-9775

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service application crash via a crafted PDF document...

CVE-2017-9775

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service application crash via a crafted PDF document...

CVE-2017-9775

Stack buffer overflow in GfxState.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service application crash via a crafted PDF document...