CVE-2017-1000249

An issue in file was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 Oct 2016 lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 Aug 2017...

Stack overflow

An issue in file was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 Oct 2016 lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 Aug 2017...

CVE-2017-1000249

An issue in file was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 Oct 2016 lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 Aug 2017...

CVE-2017-1000249

CVE-2017-1000249 affects the file utility: a stack-based overflow in the file() handling lets an attacker overwrite a fixed 20-byte stack buffer via a specially crafted .notes section in an ELF binary. The issue originates from a code path in file; multiple advisories (Fedora, Gentoo GLSA, Amazon...

openthread: Stack-buffer-overflow in ot::MeshCoP::CommissionerSessionIdTlv::GetCommissionerSessionId

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=4750024565063680 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type:...

file stack buffer overflow vulnerability

file is a set of tools maintained by software developer Christos Zoulas for viewing file formats on Unix-like systems. A security vulnerability exists in file versions 5.29, 5.30, and 5.31. An attacker could exploit this vulnerability to cause a denial of service...

PlugX Controller Stack Overflow

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' class MetasploitModule 'PlugX Controller Stack Overflow', 'Description' = %q This module exploits a Stack buffer overflow in the PlugX Controller C2 server...

openthread: Stack-buffer-overflow in ot::Tlv::GetNext

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=6361422072119296 Project: openthread Fuzzer: libFuzzeropenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type:...

openthread: Stack-buffer-overflow in ot::NetworkData::Leader::AddHasRoute

Project: https://github.com/openthread/openthread.git Detailed report: https://oss-fuzz.com/testcase?key=5225417852059648 Project: openthread Fuzzer: aflopenthreadip6-send-fuzzer Fuzz target binary: ip6-send-fuzzer Job Type: aflasanopenthread Platform Id: linux Crash Type: Stack-buffer-overflow...

CVE-2017-14122

unrar 0.0.1 aka unrar-free or unrar-gpl suffers from a stack-based buffer over-read in unrarlib.c, related to ExtrFile and stricomp...

openthread: Stack-buffer-overflow in ot::MeshCoP::DatasetManager::Set

Detailed report: https://oss-fuzz.com/testcase?key=5249360952557568 Project: openthread Fuzzer: libFuzzeropenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type: Stack-buffer-overflow READ 12 Crash...

openthread: Stack-buffer-overflow in ot::NetworkData::HasRouteEntry::GetRloc

Detailed report: https://oss-fuzz.com/testcase?key=4983359669272576 Project: openthread Fuzzer: libFuzzeropenthreadradio-receive-done-fuzzer Fuzz target binary: radio-receive-done-fuzzer Job Type: libfuzzerasanopenthreaduntrusted Platform Id: linux Crash Type: Stack-buffer-overflow READ 2 Crash...

OpenJPEG Stack Buffer Overflow Vulnerability

OpenJPEG is a C-based open source JPEG 2000 codec . A stack buffer overflow vulnerability exists in the 'pgxtoimage' function in the bin/jp2/convert.c file in OpenJPEG version 2.2.0. A remote attacker could exploit this vulnerability to cause a denial of service or possibly execute code write...

Advantech WebAccess Stack Buffer Overflow Vulnerability

Advantech WebAccess is a set of HMI/SCADA software from Advantech based on browser architecture. The software supports dynamic graphic display and real-time data control, and provides remote control and management of automation equipment. A stack buffer overflow vulnerability exists in Advantech...

Delta Industrial Automation PMSoft Stack Buffer Overflow Vulnerability (CNVD-2017-228255)

Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A stack buffer overflow vulnerability exists in the parsing of information from a TTreeView object in a ppm project file...

Delta Industrial Automation WPLSoft Stack Buffer Overflow Vulnerability

Delta Industrial Automation is a global industrial automation manufacturer of power management and thermal solutions. WPLSoft and PMSoft are Delta's PLC programming software. A stack buffer overflow vulnerability exists in Delta Industrial Automation WPLSoft. Due to a failure to properly validate...

NoviFlow NoviWare and NoviSwitch Device Stack Buffer Overflow Vulnerability

NoviFlow NoviWare and NoviSwitch devices are both products of NoviFlow Canada.NoviSwitch devices are a series of switching devices.NoviWare is the switching software used in... A stack buffer overflow vulnerability exists in the Network interface of the cliengine and noviengine services in NoviFl...

fuchsia_fidl: Stack-buffer-overflow in fidl::StringView::operator<

Detailed report: https://oss-fuzz.com/testcase?key=5376132784324608 Project: fuchsiafidl Fuzzer: libFuzzerfuchsiafidlfuzzer Fuzz target binary: fuchsiafidlfuzzer Job Type: libfuzzerubsanfuchsiafidl Platform Id: linux Crash Type: Stack-buffer-overflow READ 2 Crash Address: 0x7ffd4d8165d8 Crash...

Stack overflow

Stack buffer overflow in httpd in Asuswrt-Merlin firmware 380.670RT-AC5300 and earlier for ASUS devices and ASUS firmware for ASUS RT-AC5300, RTAC1900P, RT-AC68U, RT-AC68P, RT-AC88U, RT-AC66U, RT-AC66UB1, RT-AC58U, RT-AC56U, RT-AC55U, RT-AC52U, RT-AC51U, RT-N18U, RT-N66U, RT-N56U, RT-AC3200,...

CVE-2017-12754

The CVE-2017-12754 entry describes a stack buffer overflow in the httpd component of Asuswrt-Merlin firmware (notably 380.67_0RT-AC5300 and earlier) across numerous ASUS router models. A remote attacker can trigger arbitrary code execution by sending a crafted HTTP GET request containing a long d...