5904 matches found
CVE-2017-2868
An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability...
Stack overflow
An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in arbitrary command execution. An attacker can send a malicious packet to trigger this...
Stack overflow
An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability...
Stack overflow
An exploitable code execution vulnerability exists in the OpenProducer functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2017-2868
An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2017-2868
An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2017-2853
An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in arbitrary command execution. An attacker can send a malicious packet to trigger this...
CVE-2017-2869
An exploitable code execution vulnerability exists in the OpenProducer functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability...
CVE-2017-2867
TALOS reports CVE-2017-2867 as a vulnerability in Natus Xltek NeuroWorks 8 (SavePatientMontage). It is caused by a lack of verification of the length of Data.Name in requests to SavePatientMontage, leading to a stack-based buffer overflow that can enable remote code execution via a specially craf...
CVE-2017-2868
CVE-2017-2868 is a vulnerability in the NewProducerStream functionality of Natus Xltek NeuroWorks 8 . The issue stems from parsing a user-provided KeyTree, specifically an unchecked length for the SlowReviewLocalPath used to construct a path, which can overflow a stack buffer and overwrite except...
CVE-2017-2853
CVE-2017-2853 affects Natus Xltek NeuroWorks 8. During processing of the command RequestForPatientInfoEEGfile, the NWStorage component builds a file path from a client-supplied value and uses a stack buffer in a sprintf call, which can overflow and overwrite the SEH chain. This leads to remote co...
CVE-2017-2869
CVE-2017-2869 is a code execution vulnerability in Natus Xltek NeuroWorks 8 OpenProducer. Talos reports a stack-based buffer overflow caused by improper handling of SlowReviewLocalPath data within the KeyTree during OpenProducer processing, which can be triggered remotely by sending a crafted net...
CVE-2017-2867
An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability...
CVE-2017-13276
In CProgramConfigReadHeightExt of tpdecasc.cpp, there is a possible stack buffer overflow due to a missing bounds check. This could lead to a remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1,...
Stack overflow
In avrcparsbrowsingcmd of avrcparstg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1...
CVE-2017-13282
In avrcctrlparsvendorrsp of avrcparsct.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 7.0, 7.1.1,...
Stack overflow
In CProgramConfigReadHeightExt of tpdecasc.cpp, there is a possible stack buffer overflow due to a missing bounds check. This could lead to a remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1,...
CVE-2017-13281
In avrcparsbrowsingcmd of avrcparstg.cc, there is a possible stack buffer overflow due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1...
CVE-2017-13276
CVE-2017-13276 concerns a stack buffer overflow in the Android tpdec_asc.cpp module, specifically in the function CProgramConfig_ReadHeightExt, caused by a missing bounds check. This vulnerability could enable remote code execution with the attacker having no special privileges beyond a user on t...
CVE-2017-13282
CVE-2017-13282 affects Android where in the function avrc_ctrl_pars_vendor_rsp (file avrc_pars_ct.cc) a missing bounds check can cause a stack buffer overflow. The flaw could allow remote code execution with no privileges or user interaction required, affecting Android versions 7.0, 7.1.1, 7.1.2,...