CVE-2014-9659

CVE-2014-9659 affects FreeType’s CFF CharString interpreter (cff/cf2intrp.c) prior to 2.5.4. After computing the hint mask, it proceeds with additional hints, allowing a crafted OpenType font to cause remote arbitrary code execution or a stack-based buffer overflow (DoS). Root cause noted as an i...

CVE-2014-9659

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow via a crafted OpenType font. NOTE: this...

CVE-2014-9659

cff/cf2intrp.c in the CFF CharString interpreter in FreeType before 2.5.4 proceeds with additional hints after the hint mask has been computed, which allows remote attackers to execute arbitrary code or cause a denial of service stack-based buffer overflow via a crafted OpenType font. NOTE: this...

Apple-QuickTime-7.5-(.m3u)

Apple QuickTime is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result i...

CVE-2014-9200

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM...

CVE-2014-9200 Schneider Electric Device Type Managers (DTMs) Stack-based Buffer Overflow

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider Electric Unity Pro, SoMachine, SoMove, SoMove Lite, Modbus Communication Library 2.2.6 and earlier, CANopen Communication Library 1.0.2 and earlier, EtherNet/IP Communication Library 1.0.0 and earlier, EM...

CVE-2014-5211

Stack-based buffer overflow in the Attachmate Reflection FTP Client before 14.1.433 allows remote FTP servers to execute arbitrary code via a large PWD response...

CVE-2014-5211

CVE-2014-5211 affects Attachmate Reflection FTP Client prior to 14.1.433. It is a stack-based buffer overflow caused by insufficient boundary checking when processing the PWD command response, allowing remote code execution in the context of the current user. Exploitation involves a crafted large...

CVE-2014-8158

Multiple stack-based buffer overflows in jpcqmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted JPEG 2000 image...

CVE-2014-8158

JasPer 1.900.1 and earlier contain multiple stack-based buffer overflows in jpc_qmfb.c, enabling remote attackers to crash or possibly execute arbitrary code via crafted JPEG 2000 images. The issue (CVE-2014-8158) affects the JasPer JPEG-2000 library; impact is a denial of service and potential c...

CVE-2014-8158

Multiple stack-based buffer overflows in jpcqmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted JPEG 2000 image...

Oracle Solaris Third-Party Patch Update : bash (cve_2012_3410_stack_based)

The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in lib/sh/eaccess.c in GNU Bash before 4.2 patch 33 might allow local users to bypass intended restricted shell access via a long filename in /dev/fd, which is not properly handled...

Oracle Solaris Third-Party Patch Update : quagga (cve_2013_2236_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in the newmsglsachangenotify function in the OSPFD API ospfapi.c in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers...

GetGo Download Manager HTTP Response Buffer Overflow Exploit

Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'GetGo Download Manager HTTP Response Buffer Overflow', 'Description' = %q...

Oracle Solaris Third-Party Patch Update : libtiff (cve_2012_5581_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in tifdir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image...

Oracle Solaris Third-Party Patch Update : icu (multiple_vulnerabilities_in_international_components)

The remote Solaris system is missing necessary patches to address security updates : - The International Components for Unicode ICU functionality in Google Chrome before 13.0.782.107 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

GetGo Download Manager HTTP Response Buffer Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'GetGo Download Manager HTTP Response Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow...

Updated ettercap packages fix security vulnerabilities

Updated ettercap package fixes security vulnerabilities: Heap-based buffer overflow in the dissectorpostgresql function in dissectors/ecpostgresql.c in Ettercap before 8.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted password length value...

CVE-2014-9451

Multiple stack-based buffer overflows in the DIVA web service API /webservice in VDG Security SENSE formerly DIVA 2.3.13 allow remote attackers to execute arbitrary code via the 1 user or 2 password parameter in an AuthenticateUser request...

CVE-2014-8184

A vulnerability was found in liblouis, versions 2.5.x before 2.5.4. A stack-based buffer overflow was found in findTable in liblouis. An attacker could create a malicious file that would cause applications that use liblouis such as Orca to crash, or potentially execute arbitrary code when opened...