8439 matches found

0day.today
added 2016/10/31 12:0 a.m. | 51 views

Micro Focus Rumba 9.3 - ActiveX Stack Buffer Overflow

Exploit for windows platform in category dos / poc Exploit Title: Micro Focus Rumba function vuln // 272 Junk Data // 272 + "\x43\x43\x43\x43" = EDX = 43434343 // // If we change the edx to an address that point to a valid address // We will have control over EIP // 0x20302228 // Overwrite...

CVSS 10 | AI score 9.2 | EPSS 0.51245
Exploits 4

exploitpack
added 2016/10/31 12:0 a.m. | 10 views

NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014

NVIDIA Driver - Stack Buffer Overflow in Escape 0x7000014 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=946 There is a missing bounds check in inner loop of the escape handler for 0x7000014 that leads to a stack buffer overflow: ... for DWORD i = 0; numdata; ++i ... // size is...

AI score 0.9
Exploits 0

ICS
added 2016/10/29 6:0 a.m. | 44 views

Rockwell Automation MicroLogix 1100 PLC Overflow Vulnerability

OVERVIEW David Atch of CyberX has identified a stack-based buffer overflow vulnerability in Rockwell Automation’s Allen-Bradley MicroLogix 1100 programmable logic controller (PLC) systems. Rockwell Automation has produced a new firmware version to mitigate this vulnerability. This vulnerability cou...

CVSS 10 | AI score 10 | EPSS 0.00129
Exploits 0 | References 10

CVE
added 2016/10/28 8:0 p.m. | 44 views

CVE-2016-8333

Summary (CVE-2016-8333): Iceni Argus 6.6.04 contains a stack-based buffer overflow in ipfSetColourStroke. The function copies ICNChain->len elements from the opStack into a local dstArray[9], but ICNChain->len can be 12, causing an overflow and potentially arbitrary code execution. The overf...

CVSS 8.8 | AI score 8 | EPSS 0.01064
Exploits 2 | References 2 | Affected Software 1

Mageia
added 2016/10/25 11:11 p.m. | 43 views

Updated graphicsmagick packages fix security vulnerability

The updated packages fix security vulnerabilities: Stack-based buffer overflow in ReadSCTImage (CVE-2016-8682). Memory allocation failure in ReadPCXImage (CVE-2016-8683). Memory allocation failure in MagickMalloc (CVE-2016-8684)...

CVSS 7.8 | AI score 2.9 | EPSS 0.01848
Exploits 0 | References 4

Tenable Nessus
added 2016/10/21 12:0 a.m. | 44 views

Microsoft SQL Server 2008 R2 10.50.x.x < 10.50.4321.00 Multiple Vulnerabilities (2977319)

Binary data 9703.prm...

CVSS 6.8 | AI score 6.8 | EPSS 0.3841
Exploits 0 | References 3

Tenable Nessus
added 2016/10/21 12:0 a.m. | 32 views

Microsoft SQL Server 2014 12.0.x.x < 12.0.2381.0 Multiple Vulnerabilities (2977316)

Binary data 9705.prm...

CVSS 6.8 | AI score 6.8 | EPSS 0.3841
Exploits 0 | References 3

Tenable Nessus
added 2016/10/21 12:0 a.m. | 24 views

Microsoft SQL Server 2008 10.00.x.x < 10.00.5869.00 Multiple Vulnerabilities (2984340)

Binary data 9702.prm...

CVSS 6.8 | AI score 6.8 | EPSS 0.3841
Exploits 0 | References 3

Debian
added 2016/10/18 8:1 p.m. | 26 views

[SECURITY] [DSA 3695-1] quagga security update

Debian Security Advisory DSA-3695-1 [email protected] https://www.debian.org/security/ Florian Weimer October 18, 2016 https://www.debian.org/security/faq ...

CVSS 9.8 | AI score 9.1 | EPSS 0.0119
Exploits 0

OpenVAS
added 2016/10/18 12:0 a.m. | 25 views

Debian Security Advisory DSA 3695-1 (quagga - security update)

It was discovered that the zebra daemon in the Quagga routing suite suffered from a stack-based buffer overflow when processing IPv6 Neighbor Discovery messages. OpenVAS Vulnerability Test $Id: deb3695.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3695-1 using nvtgen...

CVSS 7.5 | AI score 0.4 | EPSS 0.0119
Exploits 0 | References 1

OSV
added 2016/10/18 12:0 a.m. | 12 views

DSA-3695-1 quagga - security update

Bulletin has no description...

CVSS 9.8 | AI score 9.4 | EPSS 0.0119
Exploits 0

Cvelist
added 2016/10/16 9:0 p.m. | 30 views

CVE-2016-8658

Stack-based buffer overflow in the brcmf_cfg80211_start_ap function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.7.5 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via a long SSID Information Eleme...

AI score 7 | EPSS 0.00303
Exploits 0 | References 10

UbuntuCve
added 2016/10/14 12:0 a.m. | 39 views

CVE-2016-8670

Integer signedness error in the dynamicGetbuf function in gd_io_dp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP before 5.6.28 and 7.x before 7.0.13, allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via...

CVSS 9.8 | AI score 7.4 | EPSS 0.01746
Exploits 0 | References 3

Tenable Nessus
added 2016/10/05 12:0 a.m. | 41 views

Debian DLA-644-1 : libav security update

Multiple vulnerabilities have been found in libav: CVE-2015-1872 The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in Libav before 0.8.18 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service out-of-bounds...

CVSS 6.8 | AI score 6.9 | EPSS 0.01326
Exploits 0 | References 5

Tenable Nessus
added 2016/10/05 12:0 a.m. | 47 views

openSUSE Security Update : php5 (openSUSE-2016-1150)

This update for php5 fixes the following security issues: - CVE-2016-7411: Memory corruption when destructing deserialized object - CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field - CVE-2016-7413: Use after free in wddx_deserialize - CVE-2016-7414: Out of boun...

CVSS 9.8 | AI score 8.3 | EPSS 0.0384
Exploits 7 | References 14

Tenable Nessus
added 2016/09/22 12:0 a.m. | 151 views

PHP 5.6.x < 5.6.26 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.26. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in ext/standard/var_unserializer.re when destroying deserialized objects due to improper validation of user-supplied input...

CVSS 9.8 | AI score 8.5 | EPSS 0.0384
Exploits 7 | References 8

Tenable Nessus
added 2016/09/22 12:0 a.m. | 260 views

PHP 7.0.x < 7.0.11 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.11. It is, therefore, affected by multiple vulnerabilities: - A heap buffer overflow condition exists in the php_mysqlnd_rowp_read_text_protocol_aux function within file ext/mysqlnd/mysqlnd_wireprotocol....

CVSS 9.8 | AI score 8.3 | EPSS 0.0384
Exploits 6 | References 7

CVE
added 2016/09/21 2:0 p.m. | 65 views

CVE-2016-4301

CVE-2016-4301 : A stack-based buffer overflow in the libarchive library’s mtree parser (archive_read_support_format_mtree.c, parse_device) allows remote attackers to execute arbitrary code when processing crafted mtree files. Affected: libarchive prior to 3.2.1. Mitigation: upgrade to 3.2.1 or ne...

CVSS 7.8 | AI score 8 | EPSS 0.01847
Exploits 2 | References 8 | Affected Software 1

ICS
added 2016/09/18 6:0 a.m. | 34 views

FATEK Automation PLC WinProladder Stack-Based Buffer Overflow Vulnerability

OVERVIEW A researcher working with Trend Micro’s Zero Day Initiative (ZDI) has identified a stack-based buffer overflow vulnerability in FATEK Automation's PLC WinProladder application. Fatek Automation (Fatek) has not produced an update to mitigate this vulnerability. ZDI has coordinated with...

CVSS 8 | AI score 8.3 | EPSS 0.08653
Exploits 4 | References 10

Debian CVE
added 2016/09/17 9:0 p.m. | 25 views

CVE-2016-7415

Stack-based buffer overflow in the Locale class in common/locid.cpp in International Components for Unicode (ICU) through 57.1 for C/C++ allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long locale string...

CVSS 9.8 | AI score 10 | EPSS 0.01205
Exploits 1