8439 matches found
CVE-2016-4519
CVE-2016-4519 affects Unitronics VisiLogic OPLC IDE (pre-9.8.30) via a stack-based buffer overflow in parsing the vlp/ZIP filename field. The root cause is copying into a fixed-length stack buffer without validating the filename length, enabling remote code execution. Exploitation details indicat...
FreeBSD : libarchive -- multiple vulnerabilities (4a0d9b53-395d-11e6-b3c8-14dae9d210b8)
Hanno Bock and Cisco Talos report: Out of bounds heap read in RAR parser; Signed integer overflow in ISO parser; TALOS-2016-0152 CVE-2016-4300: 7-Zip read_SubStreamsInfo Integer Overflow; TALOS-2016-0153 CVE-2016-4301: mtree parse_device Stack Based Buffer Overflow; TALOS-2016-0154...
libarchive -- multiple vulnerabilities
Hanno Bock and Cisco Talos report: Out of bounds heap read in RAR parser; Signed integer overflow in ISO parser; TALOS-2016-0152 CVE-2016-4300: 7-Zip read_SubStreamsInfo Integer Overflow; TALOS-2016-0153 CVE-2016-4301: mtree parse_device Stack Based Buffer Overflow; TALOS-2016-0154 CVE-2016-4302:...
Patched libarchive Vulnerabilities Have Big Reach
The libarchive programming library was recently patched against three critical memory-related vulnerabilities that could be abused to execute code on computers running the vulnerable software. As is the case with most open source software packages, patching the core library is only half the battl...
OSX < 10.11.5 Multiple Vulnerabilities
Autodesk Backburner Multiple Vulnerabilities
Autodesk Backburner is prone to multiple vulnerabilities.
CVE-2016-3706
CVE-2016-3706 is a glibc (GNU C Library) vulnerability: a stack-based buffer overflow in sysdeps/posix/getaddrinfo.c:getaddrinfo can be triggered by hostent conversion and allows remote attackers to cause a denial of service (crash). The entry notes this issue stems from an incomplete fix for CVE...
HP LoadRunner 11.52 / 12.00 / 12.01 / 12.02 / 12.50 Multiple Vulnerabilities
The version of HP LoadRunner installed on the remote Windows host is 11.52, 12.00, 12.01, 12.02, or 12.50, without the HPSBGN03609 hotfix. It is, therefore, affected by multiple vulnerabilities: - An overflow condition exists in mchan.dll due to a failure to validate the size of a user-supplied...
CVE-2016-3706
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for...
Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20160510)
Security Fixes: - It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker coul...
CVE-2016-4359
CVE-2016-4359 involves a stack-based buffer overflow in mchan.dll of HPE LoadRunner/Performance Center. The flaw occurs when constructing a shared memory/file name or processing a long -server_name value, allowing an unauthenticated attacker to remotely execute arbitrary code. Affected products i...
F5 Networks BIG-IP : SQLite vulnerability (K16950)
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecifie...
GLSA-201606-01 : PuTTY: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201606-01 (PuTTY: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in PuTTY. Please review the CVE identifiers referenced below for details. Impact: Stack-based buffer overflow in the SCP command-line utility...
PuTTY: Multiple vulnerabilities
Background: PuTTY is a telnet and SSH client. Description: Multiple vulnerabilities have been discovered in PuTTY. Please review the CVE identifiers referenced below for details. Impact: Stack-based buffer overflow in the SCP command-line utility allows remote servers to execute arbitrary code or...
Stack overflow
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name...
CVE-2016-3075
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name...
CVE-2016-1234
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name...
Debian DLA-494-1 : eglibc security update
Several vulnerabilities have been fixed in the Debian GNU C Library, eglibc: CVE-2016-1234: Alexander Cherepanov discovered that the glibc's glob implementation suffered from a stack-based buffer overflow when it was called with the GLOB_ALTDIRFUNC flag and encountered a long file name...
CVE-2016-5116
gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name...
CVE-2016-2554
Stack-based buffer overflow in ext/phar/tar.c in PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TAR archive...