70 matches found
CVE-2023-29579
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf. Note: This has been disputed by third parties who argue this is a bug and not a security issue because yasm is a standalone program not designed to run untrusted code...
SUSE CVE-2007-4897
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the...
CVE-2020-7837
An issue was discovered in ML Report Program. There is a stack-based buffer overflow in function sub_41EAF0 at MLReportDeamon.exe. The function will call vsprintf without checking the length of strings in parameters given by attacker. And it finally leads to a stack-based buffer overflow via acces...
CVE-2018-11963
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, buffer overread may occur due to non-null terminated strings while processing vsprintf in camera jpeg driver...
IBM Tivoli Storage Manager FastBack Server Opcode 1301 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1301. By sending a crafted packet on TCP...
IBM Tivoli Storage Manager FastBack Server Opcode 1335 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1335. By sending a crafted packet on TCP...
jasper: possible buffer overflow in jas_stream_printf()
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf...
IBM Informix Dynamic Server Long Username Authentication Error Stack Overflow - Ver2 (CVE-2006-3854)
A buffer overflow vulnerability has been reported in IBM Informix Dynamic Database Server. An attacker could exploit this vulnerability via a long username, which causes an overflow in vsprintf when displaying in the resulting error message. Successful exploitation of this vulnerability could all...
Yokogawa CS3000 BKFSim_vhfd.exe Buffer Overflow
This module exploits a stack based buffer overflow on Yokogawa CS3000. The vulnerability exists in the service BKFSim_vhfd.exe when using malicious user-controlled data to create logs using functions like vsprintf and memcpy in an insecure way. This module has been tested successfully on Yokogawa...
Inso DynaWeb httpd 3.1/4.0.2/4.1 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5384/info Inso DynaWeb webserver, dwhttpd, is used as a subcomponent in products such as Sun's AnswerBook2, which is shipped as part of the Solaris operating environment. The dwhttpd webserver is prone to a remotely...
Zlib 1.1.4 Compression Library gzprintf() Buffer Overrun Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/6913/info A buffer-overrun vulnerability has been reported in the Zlib compression library. Due to the use of 'vsprintf' by an internal Zlib function, an attacker can cause memory to become corrupted. This buffer overrun...
Crysis <= 1.1.1.5879 Remote Format String Denial of Service PoC
No description provided by source. The Crysis engine passes along internal debug strings through the game. One of them is passed to vsprintf in the crt lib: 30503263 8D8C24 10100000 LEA ECX,DWORD PTR SS:ESP+1010 3050326A 51 PUSH ECX 3050326B 50 PUSH EAX 3050326C 8D5424 08 LEA EDX,DWORD PTR SS:ESP...
McAfee Subscription Manager Stack Buffer Overflow
No description provided by source. $Id: mcafee_mcsubmgr_vsprintf.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
Ericom AccessNow Server Buffer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Ericom AccessNow Server Buffer Overflow', 'Description' = %q This module exploits a stack based buffer overflow in Ericom AccessNow...
Ericom AccessNow Server Buffer Overflow
This module exploits a stack based buffer overflow in Ericom AccessNow Server. The vulnerability is due to an insecure usage of vsprintf with user controlled data, which can be triggered with a malformed HTTP request. This module has been tested successfully with Ericom AccessNow Server 2.4.0.2 o...
FactoryLink - 'vrn.exe' Opcode 9 Buffer Overflow (Metasploit)
$Id: factorylink_vrn_09.rb 12998 2011-06-21 21:08:57Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
FactoryLink vrn.exe Opcode 9 Buffer Overflow
Exploit for windows platform in category remote exploits $Id: factorylink_vrn_09.rb 12998 2011-06-21 21:08:57Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information o...
Ipswitch Imail Server Queuemgr Format String Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IPSwitch IMail. Authentication is not required to exploit this vulnerability. The specific flaw exists within SMTPDLL.dll called by queuemgr.exe. When handling a message queued for remote delivery...