CVE-2019-5041

CVE-2019-5041 affects Aspose.Words for C++ 18.11.0.0. A stack-based buffer overflow in EnumMetaInfo can be triggered by processing a crafted DOC file, causing remote code execution. Public TALOS advisory TALOS-2019-0805 documents the vulnerability in Aspose.Words for C++ 18.11.0.0, with CVSS v3.0...

CVE-2019-5041

An exploitable Stack Based Buffer Overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file t...

(0Day) WECON LeviStudioU ShortMessage_Module SMtext Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WECON LeviStudioU. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling o...

CVE-2019-5038

Nest Labs Openweave-core 4.0.2 is affected by CVE-2019-5038 in the print-tlv command. Cisco Talos describes a stack-based buffer overflow caused by a depth-unbounded TLV dump in the weave print-tlv flow, where DumpHandler copies up to 0x14 tabs into a 48-byte buffer, allowing overflow and potenti...

CVE-2019-5038

An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. A specially crafted weave TLV can trigger a stack-based buffer overflow, resulting in code execution. An attacker can trigger this vulnerability by convincing the user to open a specially crafted Weave...

Nest Labs Openweave Weave tool Print-TLV code execution vulnerability

Summary An exploitable command execution vulnerability exists in the print-tlv command of Weave tool. A specially crafted weave TLV can trigger a stack-based buffer overflow, resulting in code execution. An attacker can trigger this vulnerability by convincing the user to open a specially crafted...

Fuji Electric Alpha5 Smart Loader

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: Fuji Electric Equipment: Alpha5 Smart Loader Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute code under the privileges of...

Stack overflow

Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code...

CVE-2019-12807

Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format. By persuading a victim to open a specially-crafted ISO archive file, an attacker could execution arbitrary code...

NewStart CGSL CORE 5.04 / MAIN 5.04 : librelp Vulnerability (NS-SA-2019-0050)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has librelp packages installed that are affected by a vulnerability: - A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an attacker...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libkdcraw Multiple Vulnerabilities (NS-SA-2019-0068)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libkdcraw packages installed that are affected by multiple vulnerabilities: - LibRaw is vulnerable to stack-based buffer overflow in internal/dcrawcommon.cpp:quicktake100loadraw function when processing specially-crafted RA...

NewStart CGSL MAIN 4.05 : ntp Vulnerability (NS-SA-2019-0150)

The remote NewStart CGSL host, running version MAIN 4.05, has ntp packages installed that are affected by a vulnerability: - The ntpq and ntpdc command-line utilities that are part of ntp package are vulnerable to stack-based buffer overflow via crafted hostname. Applications using these vulnerab...

NewStart CGSL CORE 5.04 / MAIN 5.04 : gcab Vulnerability (NS-SA-2019-0020)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gcab packages installed that are affected by a vulnerability: - A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code...

NewStart CGSL MAIN 4.05 : librelp Vulnerability (NS-SA-2019-0147)

The remote NewStart CGSL host, running version MAIN 4.05, has librelp packages installed that are affected by a vulnerability: - A stack-based buffer overflow was found in the way librelp parses X.509 certificates. By connecting or accepting connections from a remote peer, an attacker may use a...

RHEL 7 : ovmf (RHSA-2019:2125)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2125 advisory. OVMF Open Virtual Machine Firmware is a project to enable UEFI support for Virtual Machines. This package contains a sample 64-bit UEFI...

RHEL 7 : ntp (RHSA-2019:2077)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:2077 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service...

NewStart CGSL MAIN 4.05 : jasper Multiple Vulnerabilities (NS-SA-2019-0109)

The remote NewStart CGSL host, running version MAIN 4.05, has jasper packages installed that are affected by multiple vulnerabilities: - JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file...

NewStart CGSL MAIN 5.04 : liblouis Vulnerability (NS-SA-2019-0004)

The remote NewStart CGSL host, running version MAIN 5.04, has liblouis packages installed that are affected by a vulnerability: - A missing fix for one stack-based buffer overflow in findTable for CVE-2014-8184 was discovered. An attacker could cause denial of service or potentially allow arbitra...

NewStart CGSL MAIN 5.04 : glibc Multiple Vulnerabilities (NS-SA-2019-0012)

The remote NewStart CGSL host, running version MAIN 5.04, has glibc packages installed that are affected by multiple vulnerabilities: - elf/dl-load.c in ld.so in the GNU C Library aka glibc or libc6 through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the...

NewStart CGSL MAIN 4.05 : quagga Multiple Vulnerabilities (NS-SA-2019-0101)

The remote NewStart CGSL host, running version MAIN 4.05, has quagga packages installed that are affected by multiple vulnerabilities: - A denial of service flaw affecting various daemons in Quagga was found. A remote attacker could use this flaw to cause the various Quagga daemons, which expose...