6738 matches found
pcre2: Stack-buffer-overflow in match
Project: svn://vcs.exim.org/pcre2/code/trunk Detailed report: https://oss-fuzz.com/testcase?key=5102175699075072 Project: pcre2 Fuzzer: libFuzzerpcre2fuzzer Fuzz target binary: pcre2fuzzer Job Type: libfuzzerasanpcre2 Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address:...
libreoffice: Stack-buffer-overflow in SVMConverter::ImplConvertFromSVM1
Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://oss-fuzz.com/testcase?key=6501478460030976 Project: libreoffice Fuzzer: libFuzzerlibreofficesvmfuzzer Fuzz target binary: svmfuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type:...
Fatek Automation PLC WinProladder Stack Buffer Overflow (CVE-2016-8377)
A stack-based buffer overflow exists in Fatek Automation PLC WinProladder. The vulnerability is due to improper validation of user supplied data before copying to a stack-based buffer. A remote attacker could exploit this vulnerability by sending a crafted pdw file over a network to the vulnerabl...
EasyCom For PHP 4.0.0 - Buffer Overflow (PoC)
EasyCom For PHP 4.0.0 - Buffer Overflow PoC + Credits: John Page AKA Hyp3rlinX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EASYCOM-PHP-API-BUFFER-OVERFLOW.txt + ISR: ApparitionSec Vendor: ================ easycom-aura.com Product:...
Cisco ASA - WebVPN CIFS Handling Buffer Overflow Vulnerability
Exploit for hardware platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=998 The WebVPN http server exposes a way of accessing files from CIFS with a url hook of the form: https://portal/+webvpn+/CIFSR/shareserver/sharename/file. When someone logged in...
GraphicsMagick 'SVG File Parsing' Denial of Service Vulnerability - 01 - Windows
GraphicsMagick is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Geutebrueck GCore - GCoreServer.exe Buffer Overflow RCE
This module exploits a stack Buffer Overflow in the GCore server GCoreServer.exe. The vulnerable webserver is running on Port 13003 and Port 13004, does not require authentication and affects all versions from 2003 till July 2016 Version 1.4.YYYYY. This module requires Metasploit:...
Audiotran 1.4.1 (PLS File) Stack Buffer Overflow (CVE-2009-0476)
A stack-based buffer overflow exists in Audiotran 1.4.1. A remote attacker could trigger this vulnerability by enticing a victim to open a crafted file. Successful exploitation would allow remote attackers to execute arbitrary code via a long string in a playlist .pls file...
D-link DIR Routers - Unauthenticated HNAP Login Stack Buffer Overflow
No description provided by source...
FFmpeg stack buffer overflow vulnerability (CNVD-2017-01484)
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A stack buffer overflow vulnerability exists in FFmpeg. An attacker could exploit this vulnerability to execute arbitrary code in an affected application. A failed attack could result in a...
FFmpeg Stack Buffer Overflow Vulnerability
FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A stack buffer overflow vulnerability exists in FFmpeg. An attacker could exploit this vulnerability to execute arbitrary code in an affected application...
HPE LoadRunner 'magentproc.exe' Stack Buffer Overflow Vulnerability
HPE LoadRunner is prone to stack buffer overflow vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:hp:loadrunner";...
ffmpeg: Stack-buffer-overflow in synth_tones
Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5737865715646464 Project: ffmpeg Fuzzer: ffmpegAUDIOAVCODECIDDTSfuzzer Job Type: libfuzzerasanffmpeg Crash Type: Stack-buffer-overflow READ 4 Crash Address: 0x7f440e0a0a20 Crash State...
LibTIFF stack buffer overflow vulnerability (CNVD-2017-00978)
LibTiff is an application library responsible for encoding/decoding the TIFF image format. LibTIFF suffers from a stack buffer overflow vulnerability that stems from a failure to perform sufficient bounds checking when copying user data into an undersized buffer. An attacker could exploit this...
libreoffice: Stack-buffer-overflow in SVMConverter::ImplConvertFromSVM1
Project: git://anongit.freedesktop.org/libreoffice/core Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5153978836844544 Project: libreoffice Fuzzer: libFuzzerlibreofficesvmfuzzer Fuzz target binary: svmfuzzer Job Type: libfuzzerasanlibreoffice Platform Id: linux Crash Type...
Malware exploit: Poisonivy
Type: Stack Buffer Overflow Author: Gal Badishi This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::Tcp def...
SUSE-SU-2017:0084-1 Security update for jasper
This update for jasper fixes the following issues: - CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec. bsc1012530 - CVE-2016-9395: Invalid jasper files could lead to abort of the library caused by attacker provided image. bsc1010977 - CVE-2016-9398: Invalid jasper files could...
Remote code execution
An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting...
CVE-2015-2868
An exploitable remote code execution vulnerability exists in the Trane ComfortLink II firmware version 2.0.2 in DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long REG request that can overflow a fixed size stack buffer, resulting...
llvm_libcxxabi: Stack-buffer-overflow in std::__1::basic_string<char, std::__1::char_traits<char>, __cxxabiv1::malloc_all
Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5776265793503232 Project: llvmlibcxxabi Fuzzer: libFuzzerllvmlibcxxabicxademanglefuzzer Fuzz target binary: cxademanglefuzzer Job Type: libfuzzerasanllvmlibcxxabi Platform Id: linux Crash Type: Stack-buffer-overflow READ 1 Cra...