6890 matches found
gdal: Stack-buffer-overflow in CADHandle::getAsLong
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5735999550259200 Project: gdal Fuzzer: libFuzzergdalcadfuzzer Fuzz target binary: cadfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address:...
CVE-2017-9225
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds write in onigencunicodegetcasefoldcodesbystr occurs during regular expression compilation. Code point 0xFFFFFFFF is not properly handled in...
CVE-2017-9227
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbcenclen during regular expression searching. Invalid handling of reg-dmin in forwardsearchrange could result in an invalid pointer...
CVE-2017-9225
Oniguruma 6.2.0 (as used in Ruby via oniguruma-mod through Ruby 2.4.1 and mbstring in PHP through 7.1.5) contains CVE-2017-9225, a stack out-of-bounds write in onigenc_unicode_get_case_fold_codes_by_str() and related unicode handling, with Code point 0xFFFFFFFF not properly handled in unicode_unf...
CVE-2017-9227
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbcenclen during regular expression searching. Invalid handling of reg-dmin in forwardsearchrange could result in an invalid pointer...
CVE-2017-9224
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could result in an...
CVE-2017-2817
PowerISO 6.8 ISO-parsing contains a stack-based buffer overflow vulnerability that can lead to code execution when processing specially crafted ISO files. Technical details show the vulnerable path involves the ISO parsing function, using strncpy on a crafted NM entry payload and calculating a ne...
CVE-2017-9224
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could result in an...
libxml2 incomplete fix for stack buffer overflow vulnerability
Libxml2 is the GNOME project team developed a C-based library for parsing XML documents. Libxml2 suffers from a stack-based buffer overflow vulnerability that arises from a program that does not perform proper boundary checking on user input. An attacker could use this vulnerability to execute...
proj4: Stack-buffer-overflow in pj_open_lib_ex
Detailed report: https://oss-fuzz.com/testcase?key=6058391271112704 Project: proj4 Fuzzer: aflproj4standardfuzzer Fuzz target binary: standardfuzzer Job Type: aflasanproj4 Platform Id: linux Crash Type: Stack-buffer-overflow WRITE Crash Address: 0x7f2bb94a2421 Crash State: pjopenlibex...
HTTrack v3.x - Stack Buffer Overflow Vulnerability
Document Title: =============== HTTrack v3.x - Stack Buffer Overflow Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2068 Release Date: ============= 2017-05-21 Vulnerability Laboratory ID VL-ID: ==================================== 2068...
CVE-2017-6025
A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A malicious user could overfl...
CVE-2017-6025
CVE-2017-6025 affects 3S-Smart Software Solutions GmbH CODESYS Web Server (WebVisu) versions 2.3 and prior. Root cause: stack-based buffer overflow when processing XML due to unverified string sizes during memory copy, allowing a malicious user to crash the application or potentially execute arbi...
CVE-2017-5177
CVE-2017-5177 affects VIPA Controls WinPLC7 (versions up to 5.0.45.5921). A vulnerability in processing the TCP packet length field can cause a stack-based buffer overflow, potentially enabling remote code execution. Exploitation is possible remotely without authentication, via specially crafted ...
Sure Thing Disc Labeler 6.2.138.0 - Buffer Overflow (PoC)
Sure Thing Disc Labeler 6.2.138.0 - Buffer Overflow PoC Exploit Title: Sure Thing Disc Labeler - Stack Buffer Overflow PoC Date: 5-19-17 Exploit Author: Chance Johnson [email protected] Vendor Homepage: http://www.surething.com/ Software Link: http://www.surething.com/disclabeler Version:...
Sure Thing Disc Labeler 6.2.138.0 - Buffer Overflow (PoC)
Exploit Title: Sure Thing Disc Labeler - Stack Buffer Overflow PoC Date: 5-19-17 Exploit Author: Chance Johnson [email protected] Vendor Homepage: http://www.surething.com/ Software Link: http://www.surething.com/disclabeler Version: 6.2.138.0 Tested on: Windows 7 x64 / Windows 10 Usage: Ope...
gdal: Stack-buffer-overflow in gdal_printbuf_memappend
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5789067830624256 Project: gdal Fuzzer: libFuzzergdalogrfuzzer Fuzz target binary: ogrfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address:...
Stack overflow
Stack buffer overflow in vshttpd aka ioos in HooToo Trip Mate 6 TM6 firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted fname parameter of a GET request...
CVE-2017-9026
Stack buffer overflow in vshttpd aka ioos in HooToo Trip Mate 6 TM6 firmware 2.000.030 and earlier allows remote unauthenticated attackers to control the program counter via a specially crafted fname parameter of a GET request...
CVE-2017-9026
CVE-2017-9026 affects the HooToo Trip Mate 6 (TM6) with vshttpd (ioos) in firmware up to version 2.000.030 and earlier. The vulnerability is a stack buffer overflow in vshttpd triggered by a specially crafted fname parameter in a GET request, allowing remote unauthenticated attackers to control t...