5758 matches found
GNU binutils - bfd_get_string Stack Buffer Overflow Exploit
Exploit for linux platform in category dos / poc Source: https://sourceware.org/bugzilla/showbug.cgi?id=21581 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...
GNU binutils - 'ieee_object_p' Stack Buffer Overflow
Source: https://sourceware.org/bugzilla/showbug.cgi?id=21582 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the reduced stacktrace with links to the correspondin...
GNU binutils - bfd_get_string Stack Buffer Overflow
GNU binutils - bfdgetstring Stack Buffer Overflow Source: https://sourceware.org/bugzilla/showbug.cgi?id=21581 I have been fuzzing objdump with American Fuzzy Lop and AddressSanitizer. Please find attached the minimized file causing the issue "Input" and the ASAN report log "Output". Below is the...
gdal: Stack-buffer-overflow in nc4_get_vara
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5770093583663104 Project: gdal Fuzzer: libFuzzergdalfilesystemfuzzer Fuzz target binary: gdalfilesystemfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash...
Adobe Digital Editions Stack Buffer Overflow Vulnerability (CNVD-2017-10052)
Adobe Digital Editions DE is a set of e-book reading and management software of the United States Ordoby Adobe. Through the software can open, read and manage PDF, XML, Flash files. A stack buffer overflow vulnerability exists in Adobe Digital Editions. An attacker could exploit the vulnerability...
HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution
HPE Intelligent Management Center iMC 7.2 E0403P10 - Code Execution Vulnerability Summary The following advisory describes a Stack Buffer Overflow vulnerability found in HPE Intelligent Management Center version v7.2 E0403P10 Enterprise, this vulnerability leads to an exploitable remote code...
HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution
Vulnerability Summary The following advisory describes a Stack Buffer Overflow vulnerability found in HPE Intelligent Management Center version v7.2 E0403P10 Enterprise, this vulnerability leads to an exploitable remote code execution. HPE Intelligent Management Center iMC delivers comprehensive...
NXP i.MX Product Family
CVSS v3 6.0 REPOSTED INFORMATION This advisory was originally posted to the NCCIC Portal on June 1, 2017, and is being released to the NCCIC/ICS-CERT web site. AFFECTED PRODUCTS The following i.MX Devices, used on logic boards, are affected: Devices affected by the Stack Buffer Overflow...
ffmpeg: Stack-buffer-overflow in put_bilin_2d_hv_c
Project: https://git.ffmpeg.org/ffmpeg.git Detailed report: https://oss-fuzz.com/testcase?key=6266250911023104 Project: ffmpeg Fuzzer: libFuzzerffmpegAVCODECIDVP9fuzzer Job Type: libfuzzerasanffmpeg Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 2 Crash Address: 0x7f33441d38a0 Crash...
gdal: Stack-buffer-overflow in CADHandle::getAsLong
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5735999550259200 Project: gdal Fuzzer: libFuzzergdalcadfuzzer Fuzz target binary: cadfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address:...
CVE-2017-9225
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigencunicodegetcasefoldcodesbystr occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in...
CVE-2017-9225
Oniguruma 6.2.0 (as used in Ruby via oniguruma-mod through Ruby 2.4.1 and mbstring in PHP through 7.1.5) contains CVE-2017-9225, a stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str() and related unicode handling, with Code point 0xFFFFFFFF not properly handled in unicode_unf...
CVE-2017-2817
PowerISO 6.8 ISO-parsing contains a stack-based buffer overflow vulnerability that can lead to code execution when processing specially crafted ISO files. Technical details show the vulnerable path involves the ISO parsing function, using strncpy on a crafted NM entry payload and calculating a ne...
libxml2 incomplete fix for stack buffer overflow vulnerability
Libxml2 is the GNOME project team developed a C-based library for parsing XML documents. Libxml2 suffers from a stack-based buffer overflow vulnerability that arises from a program that does not perform proper boundary checking on user input. An attacker could use this vulnerability to execute...
proj4: Stack-buffer-overflow in pj_open_lib_ex
Detailed report: https://oss-fuzz.com/testcase?key=6058391271112704 Project: proj4 Fuzzer: aflproj4standardfuzzer Fuzz target binary: standardfuzzer Job Type: aflasanproj4 Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address: 0x7f2bb94a2421 Crash State: pjopenlibex...
HTTrack v3.x - Stack Buffer Overflow Vulnerability
Document Title: =============== HTTrack v3.x - Stack Buffer Overflow Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2068 Release Date: ============= 2017-05-21 Vulnerability Laboratory ID VL-ID: ==================================== 2068...
CVE-2017-6025
A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overfl...
CVE-2017-6025
CVE-2017-6025 affects 3S-Smart Software Solutions GmbH CODESYS Web Server (WebVisu) versions 2.3 and prior. Root cause: stack-based buffer overflow when processing XML due to unverified string sizes during memory copy, allowing a malicious user to crash the application or potentially execute arbi...
CVE-2017-5177
CVE-2017-5177 affects VIPA Controls WinPLC7 (versions up to 5.0.45.5921). A vulnerability in processing the TCP packet length field can cause a stack-based buffer overflow, potentially enabling remote code execution. Exploitation is possible remotely without authentication, via specially crafted ...
Sure Thing Disc Labeler 6.2.138.0 - Buffer Overflow (PoC)
Exploit Title: Sure Thing Disc Labeler - Stack Buffer Overflow PoC Date: 5-19-17 Exploit Author: Chance Johnson [email protected] Vendor Homepage: http://www.surething.com/ Software Link: http://www.surething.com/disclabeler Version: 6.2.138.0 Tested on: Windows 7 x64 / Windows 10 Usage: Ope...