CVE-2017-12707

A Stack-based Buffer Overflow issue was discovered in SpiderControl SCADA MicroBrowser Versions 1.6.30.144 and prior. Opening a maliciously crafted html file may cause a stack overflow...

Stack overflow

A network interface of the noviprocessmanagerdaemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be...

CVE-2017-12787

The vulnerability CVE-2017-12787 affects NoviFlow/NoviWare NW400.2.6 and NoviSwitch devices, where the network interface of the novi_process_manager_daemon can be inadvertently exposed during ACL modifications. The bug can allow remote, unauthenticated attackers to execute code with root privileg...

Scientific Linux Security Update : libsoup on SL7.x x86_64 (20170815)

Security Fixes : - A stack-based buffer overflow flaw was discovered within the HTTP processing of libsoup. A remote attacker could exploit this flaw to cause a crash or, potentially, execute arbitrary code by sending a specially crafted HTTP request to a server using the libsoup HTTP server...

Scientific Linux Security Update : libtasn1 on SL7.x x86_64 (20170801)

The following packages have been upgraded to a later upstream version: libtasn1 4.10. Security Fixes : - A heap-based buffer overflow flaw was found in the way the libtasn1 library decoded certain DER-encoded inputs. A specially crafted DER- encoded input could cause an application using libtasn1...

CVE-2017-11323

Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the initial substring of a filename...

CVE-2017-11323

CVE-2017-11323 affects ESTsoft ALZip 8.51 and earlier. The root cause is a stack-based buffer overflow in the handling of MS-DOS device files, exploitable remotely when a crafted filename begins with substrings like AUX. Reported impact is arbitrary code execution with the attacker likely remote,...

CVE-2015-1817

CVE-2015-1817 affects musl libc’s inet_pton: a stack-based buffer overflow in network/inet_pton.c across musl releases 0.9.15–1.0.4 and 1.1.0–1.1.7 enables unspecified impact via unknown vectors. Affected versions include the listed 0.9.15–1.0.4 and 1.1.0–1.1.7, with the vulnerability rooted in t...

CVE-2017-9659

A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. The stack-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code execution...

Stack overflow

A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. The stack-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code execution...

CVE-2017-9659

A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. The stack-based buffer overflow vulnerability has been identified, which may cause a crash or allow remote code execution...

CVE-2017-9659

CVE-2017-9659 affects Fuji Electric Monitouch V-SFT before version 5.4.43.0. The issue is a stack-based buffer overflow in parsing V8 project files, which can crash the application and may allow remote code execution. Public references (ZDI advisories) describe exploitation requiring user interac...

Fedora 25 : libsoup (2017-872a0a9a85)

Security fix for CVE-2017-2885 stack based buffer overflow with HTTP Chunked Encoding. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

openSUSE Security Update : libsoup (openSUSE-2017-914)

This update for libsoup fixes the following issues : - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup bsc1052916, CVE-2017-2885. This update was imported from the...

Debian DSA-3929-1 : libsoup2.4 - security update

Aleksandar Nikolic of Cisco Talos discovered a stack-based buffer overflow vulnerability in libsoup2.4, a HTTP library implementation in C. A remote attacker can take advantage of this flaw by sending a specially crafted HTTP request to cause an application using the libsoup2.4 library to crash...

SUSE-SU-2017:2129-1 Security update for libsoup

This update for libsoup fixes the following issues: - A bug in the HTTP Chunked Encoding code has been fixed that could have been exploited by attackers to cause a stack-based buffer overflow in client or server code running libsoup bsc1052916, CVE-2017-2885...

Fuji Electric Monitouch V-SFT Project File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

GNOME libsoup HTTP Chunked Encoding Remote Code Execution Vulnerability

Summary An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability...

CVE-2015-0786

Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management ZCM allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2015-0786

Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management ZCM allows remote attackers to execute arbitrary code via unspecified vectors...