
8440 matches found

Prion
added 2018/06/30 12:29 p.m. | 16 views

Stack overflow

An issue was discovered in jpeg-compressor 0.1. The build_huffman function in stb_image.c allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact...

CVSS 6.8 | AI score 8.2 | EPSS 0.00314
Exploits: 1 | References: 2 | Affected Software: 1

NVD
added 2018/06/30 12:29 p.m. | 18 views

CVE-2018-13030

An issue was discovered in jpeg-compressor 0.1. The build_huffman function in stb_image.c allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact...

CVSS 7.8 | AI score 8.3 | EPSS 0.00314
Exploits: 1 | References: 2

CVE
added 2018/06/30 12:0 p.m. | 38 views

CVE-2018-13030

The CVE-2018-13030 entry concerns jpeg-compressor 0.1, specifically the build_huffman function in stb_image.c. The vulnerability allows remote attackers to trigger a denial of service via a stack-based buffer overflow, potentially causing an application crash and other unspecified impacts. The av...

CVSS 7.8 | AI score 8.2 | EPSS 0.00314
Exploits: 1 | References: 2 | Affected Software: 1

Cvelist
added 2018/06/30 12:0 p.m. | 18 views

CVE-2018-13030

An issue was discovered in jpeg-compressor 0.1. The build_huffman function in stb_image.c allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact...

AI score 8.3 | EPSS 0.00314
Exploits: 1 | References: 2

CVE
added 2018/06/29 5:0 a.m. | 87 views

CVE-2018-12983

CVE-2018-12983 affects PoDoFo: a stack-based buffer over-read in PdfEncryptMD5Base::ComputeEncryptionKey() (PdfEncrypt.cpp) in PoDoFo 0.9.6-rc1 can be exploited remotely via a crafted PDF to cause a denial of service. Multiple advisories confirm a PoDoFo memory-handling issue leading to DoS when ...

CVSS 7.8 | AI score 5.9 | EPSS 0.00407
Exploits: 1 | References: 3 | Affected Software: 1

Debian CVE
added 2018/06/29 5:0 a.m. | 27 views

CVE-2018-12983

A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file...

CVSS 7.8 | AI score 6.7 | EPSS 0.00407
Exploits: 1

Tenable Nessus
added 2018/06/29 12:0 a.m. | 40 views

SUSE SLES11 Security Update : tiff (SUSE-SU-2018:1835-1)

This update for tiff fixes the following security issues : - CVE-2017-5225: Prevent heap buffer overflow in the tools/tiffcp that could have caused DoS or code execution via a crafted BitsPerSample value (bsc#1019611) - CVE-2018-7456: Prevent a NULL pointer dereference in the function...

CVSS 9.8 | AI score 8.1 | EPSS 0.06223
Exploits: 8 | References: 39

Tenable Nessus
added 2018/06/28 12:0 a.m. | 26 views

EulerOS 2.0 SP3 : ncurses (EulerOS-SA-2018-1166)

According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In ncurses 6.0, there is a stack-based buffer overflow in the fmt_entry function. A crafted input will lead to a remote arbitrary code execution...

CVSS 9.8 | AI score 8.1 | EPSS 0.0225
Exploits: 0 | References: 3

Tenable Nessus
added 2018/06/28 12:0 a.m. | 60 views

EulerOS 2.0 SP3 : php (EulerOS-SA-2018-1158)

According to the version of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an...

CVSS 9.8 | AI score 8 | EPSS 0.83066
Exploits: 3 | References: 2

Exploit DB
added 2018/06/26 12:0 a.m. | 60 views

PoDoFo 0.9.5 - Buffer Overflow (PoC)

Exploit Title: PoDoFo 0.9.5 - Stack-Based Buffer Overflow PoC Date: 25.06.2018 Software Link: https://sourceforge.net/projects/podofo/ Vuln Version: 0.9.5 CVE: cve-2018-8002 Vulnerability Details: https://bugzilla.redhat.com/show_bug.cgi?id=1548930 Exploit Author: r4xis https://github.com/r4xis...

CVSS 8.8 | AI score 8.8 | EPSS 0.05842
Exploits: 5

Packet Storm
added 2018/06/26 12:0 a.m. | 53 views

PoDoFo 0.9.5 Buffer Overflow

Exploit Title: PoDoFo 0.9.5 - Stack-Based Buffer Overflow PoC Date: 25.06.2018 Software Link: https://sourceforge.net/projects/podofo/ Vuln Version: 0.9.5 CVE: cve-2018-8002 Vulnerability Details: https://bugzilla.redhat.com/show_bug.cgi?id=1548930 Exploit Author: r4xis https://github.com/r4xis...

CVSS 6.8 | AI score 0.5 | EPSS 0.05842
Exploits: 5

Zero Day Initiative
added 2018/06/26 12:0 a.m. | 17 views

Delta Industrial Automation COMMGR AHSIM_5x0 Simulator Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of TCP packets sent to the AHSIM 5x0 Simulator. The issu...

CVSS 7.5 | AI score 4.3 | EPSS 0.78242
Exploits: 10 | References: 1

exploitpack
added 2018/06/26 12:0 a.m. | 21 views

PoDoFo 0.9.5 - Buffer Overflow (PoC)

PoDoFo 0.9.5 - Buffer Overflow PoC Exploit Title: PoDoFo 0.9.5 - Stack-Based Buffer Overflow PoC Date: 25.06.2018 Software Link: https://sourceforge.net/projects/podofo/ Vuln Version: 0.9.5 CVE: cve-2018-8002 Vulnerability Details: https://bugzilla.redhat.com/show_bug.cgi?id=1548930 Exploit Author...

CVSS 6.8 | AI score 0.4 | EPSS 0.05842
Exploits: 5

Zero Day Initiative
added 2018/06/26 12:0 a.m. | 15 views

Delta Industrial Automation COMMGR DVP Simulator Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP packets sent to the DVP Simulator. The issue...

CVSS 7.5 | AI score 4.1 | EPSS 0.78242
Exploits: 10 | References: 1

Zero Day Initiative
added 2018/06/26 12:0 a.m. | 15 views

Delta Industrial Automation COMMGR Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation COMMGR. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of TCP packets sent to COMMGR. The issue results fro...

CVSS 7.5 | AI score 4.1 | EPSS 0.78242
Exploits: 10 | References: 1

IBM Security Bulletins
added 2018/06/18 1:34 a.m. | 30 views

Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple php5 vulnerabilities (CVE-2016-6911, CVE-2016-8670)

Summary Multiple security vulnerabilities have been identified in php5 that is embedded in IBM FSM. This bulletin addresses these issues. Vulnerability Details CVEID: CVE-2016-6911 DESCRIPTION: libgd2 - GD Graphics Library is vulnerable to a denial of service, caused by a missing check for...

CVSS 9.8 | AI score 1.2 | EPSS 0.01746
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2018/06/18 1:32 a.m. | 32 views

Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple glibc vulnerabilities

Summary Multiple security vulnerabilities have been discovered in glibc that is embedded in the IBM FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2014-9761 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper...

CVSS 9.8 | AI score 1.6 | EPSS 0.93905
Exploits: 19 | Affected Software: 1

IBM Security Bulletins
added 2018/06/18 1:29 a.m. | 38 views

Security Bulletin: Vulnerabilities in Qemu affect PowerKVM (Multiple Vulnerabilities)

Summary PowerKVM is affected by six vulnerabilities in Qemu. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2015-5154 DESCRIPTION: QEMU is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the IDE subsystem while processing ATAPI commands. A...

CVSS 7.2 | AI score 0.7 | EPSS 0.10195
Exploits: 0 | Affected Software: 1

IBM Security Bulletins
added 2018/06/18 12:28 a.m. | 30 views

Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM Storwize V7000 Unified.

Summary There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions 1.5.1.0 to 1.5.2.4 of IBM Storwize V7000 Unified. Vulnerability Details IBM Storwize V7000 Unified is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla...

CVSS 9.8 | AI score 2.6 | EPSS 0.01541
Exploits: 3 | Affected Software: 1

IBM Security Bulletins
added 2018/06/18 12:28 a.m. | 34 views

Security Bulletin: Multiple Mozilla Firefox vulnerability issues in IBM SONAS.

Summary There are security vulnerabilities in versions of Mozilla Firefox that are shipped with versions 1.5.1.0 to 1.5.2.4 of IBM SONAS Vulnerability Details IBM SONAS is shipped with Mozilla Firefox. There are vulnerabilities in certain versions of Mozilla Firefox shipped in certain versions of...

CVSS 9.8 | AI score 2.7 | EPSS 0.01541
Exploits: 3 | Affected Software: 1