55 matches found
CVE-2019-16928
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in stringvformat in string.c involving a long EHLO command...
Heap overflow
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in stringvformat in string.c involving a long EHLO command...
CVE-2019-16277
PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/string.c when called from ExpressionParseFunctionCall in expression.c...
CVE-2019-16277
PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/string.c when called from ExpressionParseFunctionCall in expression.c...
Artifex Software MuPDF Buffer Overflow Vulnerability (CNVD-2020-54480)
Artifex Software MuPDF is a free, lightweight PDF reader from Artifex Software, USA. A buffer error vulnerability exists in the 'fzchartorune' function of the fitz/string.c file in Artifex Software MuPDF versions prior to 1.16.0. The vulnerability stems from a networked system or product performi...
CVE-2018-14337
The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrbstrresize function in string.c does not check for a negative length...
Signed integer overflow in mrb_str_format
The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrbstrresize function in string.c does not check for a negative length...
shopify-scripts: Null pointer dereference in mrb_str_prepend
PoC ruby String.new.prepend"" Cause This crash is caused by null dereference in https://github.com/mruby/mruby/blob/master/mrbgems/mruby-string-ext/src/string.cL474 Test $ gdb -q --args ./bin/mruby test4.rb Reading symbols from ./bin/mruby...done. gdb r Starting program:...
CVE-2014-3916 ruby: DoS via long string in str_buf_cat()
The strbufcat function in string.c in Ruby 1.9.3, 2.0.0, and 2.1 allows context-dependent attackers to cause a denial of service segmentation fault and crash via a long string...
CVE-2010-2947
Heap-based buffer overflow in the HXsplit function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a string that is inconsistent with the expected number of fields...
php 5.1.2 string.c 整数溢出漏洞
No description provided by source...
Ruby "rb_str_justify()"缓冲区溢出漏洞
CVE ID:CVE-2009-4124 Ruby是一款功能强大的面向对象的脚本语言。 Stringljust, Stringcenter和Stringrjust中存在堆溢出漏洞,允许攻击者在部分条件下执行任意代码。 问题存在于string.c代码中的"rbstrjustify"函数。目前没有详细漏洞细节提供。 Ruby 1.9.x Ruby 1.9.1-p376已经修复此漏洞,建议用户下载使用: ftp://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.1-p376.tar.bz2...
No title provided
The chunksplit function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is...
CVE-2006-4482
Multiple heap-based buffer overflows in the 1 strrepeat and 2 wordwrap functions in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990...
security flaw
Integer overflow in the wordwrap function in string.c in PHP 4.4.2 and 5.1.2 might allow context-dependent attackers to execute arbitrary code via certain long arguments that cause a small buffer to be allocated, which triggers a heap-based buffer overflow in a memcpy function call, a different...