Security Bulletin: Aspera OnDemand is affected by an openSSL vulnerability (CVE-2018-0739)

Summary Aspera OnDemand has addressed the following openSSL vulnerability. Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could exploit this vulnerability ...

Artifex Ghostscript Denial of Service Vulnerability (CNVD-2020-54476)

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Rational ClearCase (CVE-2018-0739)

Summary OpenSSL vulnerabilities were disclosed on March 27 2018 by the OpenSSL Project. OpenSSL is used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By...

Security Bulletin: A vulnerability in glibc affects PowerKVM

Summary PowerKVM is affected by a vulnerability in the GNU C Library glibc. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2017-1000366 DESCRIPTION: Glibc could allow a local attacker to execute arbitrary code on the system, caused by a vulnerability that allows...

CVE-2017-7790

On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems...

Code injection

On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems...

CVE-2017-7790

On Windows systems, if non-null-terminated strings are copied into the crash reporter for some specific registry keys, stack memory data can be copied until a null is found. This can potentially contain private data from the local system. Note: This attack only affects Windows operating systems...

CVE-2017-7790

CVE-2017-7790 affects the Windows build of Mozilla Firefox prior to 55. The issue arises when non-null-terminated strings are copied into the crash reporter for certain registry keys, causing stack memory to be copied up to a null terminator. This could potentially expose private data from the lo...

MP3Gain 'apetag.c' Memory Corruption Vulnerability

MP3Gain is a volume adjustment application for MP3 files. A security vulnerability exists in the apetag.c file in MP3Gain version 1.5.2.r2. The vulnerability can be exploited to corrupt stack memory with the help of specially crafted MP3 files...

Paessler PRTG Network Monitor Denial of Service Vulnerability

Paessler PRTG Network Monitor is a full-featured network monitoring and management software from Paessler AG, Germany. A security vulnerability exists in Paessler PRTG Network Monitor prior to version 18.1.39.1648, which can be exploited to cause a denial of service due to a failure of the progra...

CVE-2018-10253

Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls...

CVE-2018-10253

Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls...

CVE-2018-10253

Paessler PRTG Network Monitor prior to version 18.1.39.1648 is affected by a stack memory handling issue during API calls, described as a stack overflow/DoS vulnerability. Public references (CNVD/OpenVAS/Exploit-DB) indicate the vulnerability can be triggered remotely and leads to denial of servi...

Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stack Memory Disc

Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryImageInformation 0x6 information class discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects 64-bit versions of Windows...

Microsoft Windows - nt!NtQueryFullAttributesFile Kernel Stack Memory Disclosure Exploit

Exploit for windows platform in category dos / poc / We have discovered that the nt!NtQueryFullAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The paths...

Microsoft Windows - 'nt!NtQueryFullAttributesFile' Kernel Stack Memory Disclosure

/ We have discovered that the nt!NtQueryFullAttributesFile system call invoked with paths of certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 7 to 10, 32/64-bit. The paths that we have observed to trigger the leak in our te...

Microsoft Windows - nt!NtQueryVirtualMemory (MemoryImageInformation) Kernel 64-bit Stack Memory Disclosure

Microsoft Windows - nt!NtQueryVirtualMemory MemoryImageInformation Kernel 64-bit Stack Memory Disclosure / We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryImageInformation 0x6 information class discloses uninitialized kernel stack memory to user-mode clients...

Microsoft Windows - nt!NtQueryVolumeInformationFile Kernel Stack Memory Disclosure

Microsoft Windows - nt!NtQueryVolumeInformationFile Kernel Stack Memory Disclosure / We have discovered that the nt!NtQueryVolumeInformationFile system call invoked against certain kernel objects discloses uninitialized kernel stack memory to user-mode clients. The vulnerability affects Windows 1...

Microsoft Windows - nt!NtQueryVirtualMemory (Memory(Privileged)BasicInformation) Kernel 64-bit Stack Memory Disclosure

Microsoft Windows - nt!NtQueryVirtualMemory MemoryPrivilegedBasicInformation Kernel 64-bit Stack Memory Disclosure / We have discovered that the nt!NtQueryVirtualMemory system call invoked with the MemoryBasicInformation 0x0 and MemoryPrivilegedBasicInformation 0x8 information classes discloses...

Microsoft Windows - 'nt!NtQueryInformationProcess (ProcessImageFileName)' Kernel 64-bit Pool/Stack Memory Disclosure

/ We have discovered that the nt!NtQueryInformationProcess system call invoked with the ProcessImageFileName 0x1B information class discloses uninitialized kernel memory to user-mode clients. The vulnerability affects 64-bit versions of Windows 7 to 10. According to the ZwQueryInformationProcess...