6890 matches found
CVE-2017-2919
An exploitable stack based buffer overflow vulnerability exists in the xlsgetfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability...
CVE-2017-2919
The CVE-2017-2919 issue concerns the libxls library (v1.3.4) where the function xls_getfcell has a stack-based buffer overflow vulnerability. A crafted XLS file can cause memory corruption, enabling remote code execution . Public references consistently tie this to the libxls code path used when ...
InTouch Machine Edition Unspecified Stack Buffer Overflow Vulnerability - Windows
InTouch Machine Edition is prone to an unspecified stack buffer overflow vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
chakra: Dynamic-stack-buffer-overflow in js_memcpy_s
Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=4738279476822016 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 16 Crash Address: 0x7fffa66f0a98 Crash State: jsmemcpys...
CVE-2017-1000210
picoTCP versions 1.7.0 - 1.5.0 is vulnerable to stack buffer overflow resulting in code execution or denial of service attack...
CVE-2017-1000210
picoTCP versions 1.7.0 - 1.5.0 is vulnerable to stack buffer overflow resulting in code execution or denial of service attack...
CVE-2017-1000210
PicoTCP is affected: stack buffer overflow in the TCP/IP stack for embedded systems, affecting versions 1.5.0 through 1.7.0. The vulnerability can lead to code execution or denial of service. Root cause: stack overflow in picoTCP’s handling of inputs/packets. The provided documents consistently d...
InduSoft Web Studio Unspecified Stack Buffer Overflow Vulnerability - Windows
InduSoft Web Studio is prone to an unspecified stack buffer overflow vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Microsoft Office Equation Editor stack buffer overflow
Overview Microsoft Equation Editor contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Equation Editor is a component that comes with Microsoft Office. It is an out-of-process COM server that ...
FreeBSD : chromium -- multiple vulnerabilities (f8e72cd4-c66a-11e7-bb17-e8e0b747a45a)
Google Chrome Releases reports : 2 security fixes in this release, including : - 777728 Critical CVE-2017-15398: Stack buffer overflow in QUIC. Reported by Ned Williamson on 2017-10-24 - 776677 High CVE-2017-15399: Use after free in V8. Reported by Zhao Qixun of Qihoo 360 Vulcan Team on 2017-10-2...
chakra: Dynamic-stack-buffer-overflow in Js::JavascriptOperators::FillScopeObject
Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=4923358425645056 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 8 Crash Address: 0x7ffcc81d62a0 Crash State:...
Security update for chromium (important)
This update for Chromium to version 62.0.3202.89 fixes the following vulnerabilities boo1066851: - CVE-2017-15398: Stack buffer overflow in QUIC - CVE-2017-15399: Use after free in V8...
Cesanta Mongoose MQTT SUBSCRIBE Multiple Topics Remote Code Execution(CVE-2017-2894)
Summary An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT...
chakra: Dynamic-stack-buffer-overflow in Js::JavascriptArray::NewInstance
Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=6106023170408448 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Dynamic-stack-buffer-overflow READ 8 Crash Address: 0x7ffd13bb0260 Crash State:...
CVE-2017-2894
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...
Stack overflow
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...
CVE-2017-2894
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...
CVE-2017-2894
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...
CVE-2017-2894
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...
CVE-2017-2894
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...