CVE-2018-25224

PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious values in the configuration file. Attackers can craft configuration files with oversized input that overflows the stack buffer and execute she...

CVE-2018-25224

CVE-2018-25224 affects PMS 0.42. The vulnerability is a stack-based buffer overflow in the configuration file parser that allows local, unauthenticated attackers to execute arbitrary code by supplying oversized input; shell commands can be executed via return-oriented programming gadgets. The pro...

CVE-2018-25224 PMS 0.42 Stack-Based Buffer Overflow via Configuration File

PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious values in the configuration file. Attackers can craft configuration files with oversized input that overflows the stack buffer and execute she...

CVE-2018-25223

Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads with ROP chains to achieve code execution in the application context, with failed attempts...

CVE-2018-25223 Crashmail 1.6 Stack-based Buffer Overflow Remote Code Execution

Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads with ROP chains to achieve code execution in the application context, with failed attempts...

CVE-2018-25223

CVE-2018-25223 : Crashmail 1.6 has a stack-based buffer overflow that allows remote code execution by sending crafted input to the application. Attackers can use payloads with ROP chains to run code in the application context, with failing attempts potentially causing a denial of service. Root ca...

CVE-2018-25223 Crashmail 1.6 Stack-based Buffer Overflow Remote Code Execution

Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can craft payloads with ROP chains to achieve code execution in the application context, with failed attempts...

CVE-2018-25222 SC v7.16 Stack-Based Buffer Overflow Remote Code Execution

SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 1052 bytes to overwrite the instruction pointer and execute...

CVE-2018-25222 SC v7.16 Stack-Based Buffer Overflow Remote Code Execution

SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 1052 bytes to overwrite the instruction pointer and execute...

CVE-2018-25222

SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 1052 bytes to overwrite the instruction pointer and execute...

CVE-2018-25222

SC v7.16 contains a stack-based buffer overflow that allows local code execution via oversized input (>1052 bytes) that overwrites the instruction pointer and runs shellcode in the application context. Affected component: SC v7.16. Impact is high for confidentiality, integrity, and availabilit...

CVE-2018-25220

CVE-2018-25220 affects Bochs 2.6-5 and consists of a stack-based buffer overflow triggered by an oversized input string. The description specifies an attacker-provided payload of ~1200 padding bytes followed by a return-oriented programming chain to overwrite the instruction pointer and execute s...

CVE-2018-25220

Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized input string to the application. Attackers can craft a malicious payload with 1200 bytes of padding followed by a return-oriented programming chain to overwri...

CVE-2017-20229

MAWK 1.3.3-17 and earlier contain a stack-based buffer overflow due to inadequate boundary checks on user-supplied input. An attacker can craft input that overflows the stack and facilitates a return-oriented programming chain to spawn a shell with application privileges. The connected documents ...

CVE-2017-20229 MAWK 1.3.3-17 Stack-Based Buffer Overflow

MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can craft malicious input that overflows the stack buffer and execute a return-oriented programmi...

CVE-2017-20229

MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can craft malicious input that overflows the stack buffer and execute a return-oriented programmi...

CVE-2017-20229 MAWK 1.3.3-17 Stack-Based Buffer Overflow

MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. Attackers can craft malicious input that overflows the stack buffer and execute a return-oriented programmi...

CVE-2017-20227

JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that exceeds buffer boundaries. Attackers can craft malicious input passed to the jad command to overflow the stack and...

CVE-2017-20227

The CVE covers JAD Java Decompiler 1.5.8e-1kali1 and earlier with a stack-based buffer overflow in the jad command. Attackers can supply overly long input that overflows the stack to execute a return-oriented programming chain and spawn a shell. No exploitation details or mitigations are provided...

CVE-2017-20226

Mapscrn 2.0.3 is affected by a stack-based buffer overflow that enables local attackers to execute arbitrary code by supplying an oversized input buffer. The vulnerability arises from crafting a malicious buffer (junk data, return address, NOPs, shellcode) to overflow the stack. Impact is describ...