Last PassBroker 3.2.16 - Stack-Based Buffer Overflow Exploit

Exploit for windows platform in category dos / poc ''' Exploit Title: Last PassBroker Stack-based BOF Date: 9/23/2015 Exploit Author: UnN0n Software Link: https://lastpass.com/download Version: 3.2.16 Tested on: Windows 7 x8632 BIT Steps to Produce the Crash: 1- open 'LastPassBroker.exe'. 2- A...

Oracle: Security Advisory (ELSA-2012-1326)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2013-0134)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle: Security Advisory (ELSA-2012-1327)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-324-1 : binutils security update

This update fixes several issues as described below. PR ld/12613 no CVE assigned Niranjan Hasabnis discovered that passing an malformed linker script to GNU ld, part of binutils, may result in a stack-based buffer overflow. If the linker is used with untrusted object files, this would allow remot...

MakeSFX.exe 1.44 - Local Stack Buffer Overflow

MakeSFX.exe 1.44 - Local Stack Buffer Overflow ''' + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-MAKESFX-BUFF-OVERFLOW-09302015.txt Vendor: ================================ freeextractor.sourceforge.net/FreeExtractor...

Gentoo Security Advisory GLSA 201405-20

Gentoo Linux Local Security Checks GLSA 201405-20 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Gentoo Security Advisory GLSA 201412-40

Gentoo Linux Local Security Checks GLSA 201412-40 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Gentoo Security Advisory GLSA 201405-01

Gentoo Linux Local Security Checks GLSA 201405-01 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Stack overflow

Multiple stack-based buffer overflows in an unspecified DLL file in Advantech WebAccess before 8.020150816 allow remote attackers to execute arbitrary code via a crafted file that triggers long string arguments to functions...

Stack overflow

The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impa...

CVE-2015-7176

Mozilla Firefox CVE-2015-7176 affects Firefox before 41.0 (ESR 38.x before 38.3). Root cause: AnimationThread uses an incorrect argument to sscanf, enabling a remote attacker to trigger a stack-based buffer overflow and crash, with possible other impact via unknown vectors. Public details describ...

CVE-2015-7176

The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service stack-based buffer overflow and application crash or possibly have unspecified other impa...

CVE-2015-6949

Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote attackers to execute arbitrary code via crafted HTTP header values...

Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow

使用如下python代码生成一个可以触发漏洞的m3u文件，调试环境为win7，由于存在ASLR，所以每次需要将改变的地址高4位加偏移计算真正地址。此漏洞依然是由于没有对长度进行检查的逻辑错误导致的本地溢出，可以构造畸形文件诱使目标点击后执行任意代码。 junk = "A"66666 file = open"CRASH.m3u",'w' file.writejunk file.close 生成后打开mmc，触发这个漏洞，程序中断 0:009 t 20ec.26d0: Access violation - code c0000005 first chance First chance...

Amazon Linux: Security Advisory (ALAS-2014-300)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2012-144)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux: Security Advisory (ALAS-2014-282)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Yahoo! Messenger 11.5.0.228 Buffer Overflow

ADVISORY INFORMATION-----------------------Product: Yahoo! MessengerVendor URL: www.yahoo.comType: Stack-based Buffer Overflow CWE-121Date found: 2014-05-02Date published: 2015-09-03CVSSv3 Score: 4,8 AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:LCVE: CVE-2014-7216 VERSIONS AFFECTED--------------------Yahoo!...

HP LoadRunner < 12.50 Scenario File Local Code Execution

The version of HP LoadRunner installed on the remote host is prior to 12.50. It is, therefore, affected by a local code execution vulnerability due to an overflow condition that is triggered when handling scenario files .lrs. A local attacker can exploit this, via a specially crafted scenario fil...