CVE-2014-3912

Stack-based buffer overflow in the FindConfigChildeKeyList method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control in Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via a long value...

CVE-2014-3913

Stack-based buffer overflow in AccessServer32.exe in Ericom AccessNow Server allows remote attackers to execute arbitrary code via a request for a non-existent file...

CVE-2014-3936

Stack-based buffer overflow in the dohnap function in www/mycgi.cgi in D-Link DSP-W215 Rev. A1 with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbitrary code via a long Content-Length header in...

CVE-2014-3936

CVE-2014-3936 affects D-Link DSP-W215 (Rev. A1) 1.01b06 and earlier, DIR-505 firmware prior to 1.08b10, and DIR-505L prior to 1.01. The flaw is a stack-based buffer overflow in the do_hnap function (www/my_cgi.cgi) triggered by a long Content-Length header in a GetDeviceSettings HNAP request, all...

CVE-2014-3936

Stack-based buffer overflow in the dohnap function in www/mycgi.cgi in D-Link DSP-W215 Rev. A1 with firmware 1.01b06 and earlier, DIR-505 with firmware before 1.08b10, and DIR-505L with firmware 1.01 and earlier allows remote attackers to execute arbitrary code via a long Content-Length header in...

Updated cifs-utils packages fix CVE-2014-2830

Updated cifs-utils packages fix security vulnerability: Sebastian Krahmer discovered a stack-based buffer overflow flaw in cifscreds.c CVE-2014-2830...

Debian DSA-2936-1 : torque - security update

John Fitzpatrick from MWR Labs reported a stack-based buffer overflow vulnerability in torque, a PBS-derived batch processing queueing system. An unauthenticated remote attacker could exploit this flaw to execute arbitrary code with root privileges. %NASLMINLEVEL 70300 C Tenable Network Security,...

[SECURITY] [DSA 2936-1] torque security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2936-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 23, 2014 http://www.debian.org/security/faq -...

CVE-2010-5299

Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote attackers to execute arbitrary code via a crafted .mppl file. NOTE: it has been reported that the overflow is in the lpFileName parameter of the CreateFileA function, but the overflow is probably caused by a separate, unnamed function...

Debian Security Advisory DSA 2936-1 (torque - security update)

John Fitzpatrick from MWR Labs reported a stack-based buffer overflow vulnerability in torque, a PBS-derived batch processing queueing system. An unauthenticated remote attacker could exploit this flaw to execute arbitrary code with root privileges. OpenVAS Vulnerability Test $Id: deb2936.nasl 67...

CVE-2010-5299

CVE-2010-5299 affects MicroP 0.1.1.1600. A stack-based buffer overflow occurs when processing a .mppl file, which can allow remote attackers to execute arbitrary code. The description notes the overflow may be in the lpFileName parameter of CreateFileA, but the actual overflow is likely caused by...

CVE-2014-3791

CVE-2014-3791 affects Easy File Sharing Web Server (EFS) Web Server, with a stack-based buffer overflow in the SESSIONID cookie handling (UserID) in vfolder.ghp, enabling remote code execution. The Red Hat entry reiterates the same description for EFS Web Server 6.8. Exploitation details are not ...

GLSA-201405-20 : JBIG-KIT: Denial of Service

The remote host is affected by the vulnerability described in GLSA-201405-20 JBIG-KIT: Denial of Service JBIG-KIT contains a stack-based buffer overflow in the jbgdecin function in libjbig/jbig.c. Impact : A remote attacker could possibly cause a Denial of Service condition via a specially crafte...

Mandriva Linux Security Advisory : nagios (MDVSA-2014:089)

Updated nagios packages fix security vulnerability : Stack-based buffer overflow in the cmdsubmitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and earlier, and Icinga before 1.8.6, 1.9 before 1.9.5, and 1.10 before 1.10.3 allows remote attackers to cause a denial of service segmentati...

CVE-2014-0782 Yokogawa CENTUM CS 3000 Stack-based Buffer Overflow

Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier,...

Adobe Illustrator < 16.0.5 / 16.2.0 < 16.2.2 (APSB14-11)

The version of Adobe Illustrator installed on the remote Windows host is prior to 16.0.5, 16.2.2. It is, therefore, affected by a vulnerability as referenced in the APSB14-11 advisory. - Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2 allows remote...

Yokogawa CS3000 BKESimmgr.exe Buffer Overflow

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Yokogawa CS3000 BKESimmgr.exe Buffer Overflow', 'Description' = %q This module exploits an stack based buffer overflow on Yokogawa...

Debian DSA-2921-1 : xbuffy - security update

Michael Niedermayer discovered a vulnerability in xbuffy, an utility for displaying message count in mailbox and newsgroup accounts. By sending carefully crafted messages to a mail or news account monitored by xbuffy, an attacker can trigger a stack-based buffer overflow, leading to xbuffy crash ...

CVE-2014-0469

The CVE affects xbuffy (Debian patch) with a stack-based buffer overflow exposed via crafted email subjects, enabling remote code execution. Affected: xbuffy before 3.3.bl.3.dfsg-9 (Debian patch). Fix: upgrade to the Debian-fixed versions cited in DSA-2921 (e.g., 3.3.bl.3.dfsg-8+deb6u1, 3.3.bl.3....

Debian Security Advisory DSA 2921-1 (xbuffy - security update)

Michael Niedermayer discovered a vulnerability in xbuffy, an utility for displaying message count in mailbox and newsgroup accounts. By sending carefully crafted messages to a mail or news account monitored by xbuffy, an attacker can trigger a stack-based buffer overflow, leading to xbuffy crash ...