7301 matches found
CVE-2013-2028
The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based...
Blue Coat Authentication and Authorization Agent Remote Overflow
The version of Blue Coat Authentication and Authorization Agent installed on the remote Windows host is earlier than build 60258. It is, therefore, potentially affected by a stack-based buffer overflow vulnerability when handling specially crafted TCP packets on port 16102. By exploiting this fla...
CVE-2013-2687
Stack-based buffer overflow in the bpe_decompress function in (1) BlackBerry QNX Neutrino RTOS through 6.5.0 SP1 and (2) QNX Momentics Tool Suite through 6.5.0 SP1 in the QNX Software Development Platform allows remote attackers to cause a denial of service (application crash) or possibly execute...
Oracle Linux 5 : freeradius2 (ELSA-2013-0134)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2013-0134 advisory. 2.1.12-5 - resolves: bug855308 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509...
Oracle Linux 6 : freeradius (ELSA-2012-1326)
The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-1326 advisory. 2.1.12-4 - resolves: bug855316 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509...
SAS Integration Technologies Client ActiveX Stack Buffer Overflow
The version of the SAS Integration Technologies Client installed on the remote host is affected by a stack-based buffer overflow condition in the 'SASspk.dll' ActiveX control due to improper validation of user-supplied input to the RetrieveBinaryFile function via the 'bstFileName' parameter. An...
Winamp 5.63 - Stack Buffer Overflow
Winamp 5.63 - Stack Buffer Overflow. Inshell Security Advisory, http://www.inshell.net. 1. ADVISORY INFORMATION. Product: WinAmp; Vendor URL: www.winamp.com; Type: Stack-based Buffer Overflow (CWE-121); Date found: 2013-06-05; Date published: 2013-07-01; CVSSv2 Score: Bug 1: 7,5...
MGASA-2013-0195 Updated autotrace package fixes security vulnerability
Stack-based buffer overflow in bmp parser CVE-2013-1953. Updated autotrace package corrects the issue...
WinAmp 5.63 Buffer Overflow
Inshell Security Advisory, http://www.inshell.net. 1. ADVISORY INFORMATION. Product: WinAmp; Vendor URL: www.winamp.com; Type: Stack-based Buffer Overflow (CWE-121); Date found: 2013-06-05; Date published: 2013-07-01; CVSSv2 Score: Bug 1: 7,5 AV:N/AC:L/Au:N/C:P/I:P/A:P Bug 2: 3,7...
CVE-2012-6569
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI...
Stack overflow
Stack-based buffer overflow in the HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches allows remote attackers to execute arbitrary code via a long URI...
CVE-2012-6569
CVE-2012-6569 describes a stack-based buffer overflow in the HTTP module of Huawei AR routers and related S-series switches (S2000, S3000, S3500, S3900, S5100, S5600, S7800, S8500) that allows remote attackers to execute arbitrary code via a long URI. The issue affects the HTTP component used for...
CVE-2013-4630
CVE-2013-4630 describes a stack-based buffer overflow affecting Huawei AR series routers (AR 150, 200, 1200, 2200, 3200) when SNMPv3 debugging is enabled. The vulnerability allows remote attackers to execute arbitrary code via malformed SNMPv3 requests. Documents do not provide explicit exploit d...
CVE-2013-3950
Stack-based buffer overflow in the openSharedCacheFile function in dyld.cpp in dyld in Apple iOS 5.1.x and 6.x through 6.1.3 makes it easier for attackers to conduct untethering attacks via a long string in the DYLD_SHARED_CACHE_DIR environment variable...
CVE-2013-3475
Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors...
Stack overflow
Stack-based buffer overflow in db2aud in the Audit Facility in IBM DB2 and DB2 Connect 9.1, 9.5, 9.7, 9.8, and 10.1, as used in Smart Analytics System 7600 and other products, allows local users to gain privileges via unspecified vectors...
FreeBSD : irc/bitchx -- multiple vulnerabilities (0a799a8e-c9d4-11e2-a424-14dae938ec40)
bannedit reports: Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable. Nico Golde reports: There is a security issue in ircii-pana in bitchx' hostname command. The e_hostname functi...
nginx ngx_http_proxy_module.c Multiple Vulnerabilities
According to its Server response header, the installed version of nginx is 1.1.4 through 1.2.8, 1.3.x, or 1.4.x prior to 1.4.1. It is, therefore, affected by multiple vulnerabilities: - A stack-based buffer overflow in 'ngx_http_parse.c' may allow a remote attacker to execute arbitrary code or...