Hyleos ChemView ActiveX Control Stack Buffer Overflow

No description provided by source. $Id: hyleoschemviewxactivex.rb 9935 2010-07-27 02:25:15Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

Avaya WinPDM UniteHostRouter <= 3.8.2 - Remote Pre-Auth Command Execute

No description provided by source. Abysssec Public Exploit more info www.abysssec.com Avaya WinPDM UniteHostRouter = 3.8.2 Remote Pre-Auth Command Execute A boundary error in the Unite Host Router service UniteHostRouter.exe when processing certain requests can be exploited to cause a stack-based...

DATAC RealWin SCADA Server 2.0 Remote Stack Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31418/info DATAC RealWin SCADA server is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execut...

IBM Forms Viewer - Unicode Buffer Overflow

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include REXML include...

keystore buffer

Stack-based buffer overflow in the encodekey function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name...

CVE-2012-5106

CVE-2012-5106 affects FreeFloat FTP Server 1.0. The vulnerability is a stack-based buffer overflow in the handling of the PUT command, allowing remote authenticated users to execute arbitrary code by sending a long string. Exploitation exists (e.g., Exploit-DB entry 22351) and has been demonstrat...

CVE-2012-2052

Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a long Collada asset element in a DAE file, as demonstrated by the cameraYFov value in the contributor comments...

Schneider Electric VAMPSET Buffer Overflow

OVERVIEW Aivar Liimets of Martem AS has identified a buffer overflow vulnerability in Schneider Electric’s VAMPSET software product. He reported it directly to Schneider Electric who reported it to NCCIC/ICS-CERT once the problem was fixed. Schneider Electric has produced an update that mitigates...

CVE-2014-4158

CVE-2014-4158 pertains to Senkas Kolibri WebServer 2.0 on Windows (XP/2003/7). The vulnerability is a stack-based buffer overflow caused by improper validation when handling HTTP requests with overly long URIs, enabling a remote attacker to potentially execute arbitrary code. Public writeups desc...

CVE-2010-5301

CVE-2010-5301: Kolibri WebServer 2.0 is affected by a stack-based buffer overflow when handling a long URI in a HEAD request, enabling remote code execution. The connected documents corroborate an RCE risk via crafted requests; no explicit patch/version remediation is provided in the supplied sou...

openSUSE Security Update : csound (openSUSE-SU-2012:0315-1)

This update of csound fixes two stack-based buffer overflows that could be exploited via malformed hetro and pvoc files CVE-2012-0270. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : libQtWebKit-devel (openSUSE-SU-2012:0091-1)

A stack-based buffer overflow in the glyph handling of libqt4's harfbuzz has been fixed. CVE-2011-3922 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : quagga (openSUSE-SU-2010:0984-1)

This update of quagga fixes two security issues : - CVE-2010-2948: CVSS v2 Base Score: 6.5 MEDIUM AV:N/AC:L/Au:S/C:P/I:P/A:P Stack-based buffer overflow while processing malformed Route-Refresh messages. - CVE-2010-2949: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P Denial of service...

openSUSE Security Update : nagios (openSUSE-SU-2014:0516-1)

Nagios was updated to fix a stack-based buffer overflow in the cmdsubmitf function in the CGI handler. CVE-2014-1878 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-291. The text...

openSUSE Security Update : pixman (openSUSE-SU-2013:1421-1)

libpixman was updated to fix a stack based buffer overflow CVE-2013-1591. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-686. The text description of this plugin is C SUSE LLC...

openSUSE Security Update : libmodplug (openSUSE-SU-2011:0350-1)

Libmodplug is vulnerable to a stack based buffer overflow when handling malicious S3M media files. CVE-2011-1574 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Updat...

CVE-2010-5300

Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long file name in a zip archive...

Design/Logic Flaw

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

Multiple integer signedness errors in the DispatchWrite function in proxy/dispatcher/idirectfbsurfacedispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow...

CVE-2014-2977

CVE-2014-2977 in DirectFB (Dispatch_Write in proxy/dispatcher/idirectfbsurface_dispatcher.c) allows remote attackers to cause a denial of service (crash) and possibly execute code via the Voodoo interface; CVE-2014-2978 is an out-of-bounds write in the same area. Connected advisories confirm thes...