Lucene search
+L
IceniArgus

10 matches found

CVE
CVE
added 2016/10/28 8:0 p.m.63 views

CVE-2016-8335

CVE-2016-8335 is an exploitable stack-based buffer overflow in Iceni Argus IPNameAdd(), triggered by unvalidated source strings copied via strcpy before length checks. Affects Iceni Argus 6.6.04 (Linux x64) and 6.6.04 (Windows x64). The vulnerability stems from a 255-byte destination buffer (dest...

8.8CVSS8AI score0.02062EPSS
CVE
CVE
added 2017/02/28 3:0 p.m.62 views

CVE-2016-8389

CVE-2016-8389 affects Iceni Argus and is an exploitable integer-overflow vulnerability discovered in 2016. The issue occurs during PDF-to-XML conversion when text is converted to polygons and rasterized, leading to writes outside allocated buffers and potential code execution. Technical details f...

9.3CVSS7.8AI score0.02116EPSS
CVE
CVE
added 2017/02/27 9:0 p.m.61 views

CVE-2016-8387

CVE-2016-8387 describes a heap-based buffer overflow in Iceni Argus during PDF to HTML conversion when decoding objects with multiple encodings ending in LZW. The overflow arises from missing bounds checking in the LZW decoder (ipLZWFeedCreate/ipLZWFeedRead paths), potentially enabling code execu...

9.3CVSS7.9AI score0.02252EPSS
CVE
CVE
added 2017/02/27 9:0 p.m.59 views

CVE-2016-8385

CVE-2016-8385 affects Iceni Argus and is described across multiple sources (e.g., TALOS report) as an uninitialized variable vulnerability that causes a stack-based buffer overflow when converting malformed PDFs to XML. The root cause involves an uninitialized stack variable used to determine a c...

9.3CVSS7.9AI score0.0225EPSS
CVE
CVE
added 2017/02/27 9:0 p.m.58 views

CVE-2016-8386

CVE-2016-8386 affects Iceni Argus with a heap-based buffer overflow in the PDF-to-XML/font processing flow. Root cause: a signedness bug in icnBufferAlloc can allocate an undersized buffer, which is then used by GetTables/GetTables+ipDataFeedRead to read data and can overflow the memory, potentia...

9.3CVSS7.9AI score0.0225EPSS
CVE
CVE
added 2017/02/28 3:0 p.m.58 views

CVE-2016-8715

Iceni Argus CVE-2016-8715 affects Argus 6.6.05. The root cause is a heap corruption in loadTrailer where the PDF Size field from the trailer is used to allocate memory (icnChainAlloc) and then memset-ing 24*v166 bytes. If Size is negative (e.g., -1 or large unsigned interpretations), icnChainAllo...

8.8CVSS8AI score0.01902EPSS
CVE
CVE
added 2018/09/17 5:0 p.m.54 views

CVE-2017-2777

The vulnerability CVE-2017-2777 affects Iceni Argus 6.6.05. A heap overflow/heap corruption flaw in ipStringCreate can be triggered by processing specially crafted PDF content, enabling remote code execution. The root cause is an integer overflow in the allocation size (size + 11) when building a...

8.8CVSS7.6AI score0.01044EPSS
CVE
CVE
added 2011/10/06 11:0 p.m.52 views

CVE-2011-3332

The CVE-2011-3332 entry refers to a stack-based buffer overflow in Iceni Argus (6.20 and earlier) and Infix (5.04) that can be triggered by a crafted flate-compressed PDF, allowing remote code execution. Affected components: Iceni Argus library (PDF handling) and Iceni Infix; impact is remote cod...

10CVSS8.3AI score0.06038EPSS
CVE
CVE
added 2017/02/28 3:0 p.m.52 views

CVE-2016-8388

Iceni Argus contains a heap-overwrite vulnerability in its PDF-to-XML conversion path. Specifically, during glyph-map handling, an index trusted from a font object can be used to write a font name pointer into an out-of-bounds location, enabling memory corruption and potential code execution. Rep...

9.3CVSS7.6AI score0.01867EPSS
CVE
CVE
added 2016/10/28 8:0 p.m.51 views

CVE-2016-8333

Summary (CVE-2016-8333): Iceni Argus 6.6.04 contains a stack-based buffer overflow in ipfSetColourStroke. The function copies ICNChain->len elements from the opStack into a local dstArray[9], but ICNChain->len can be 12, causing a overflow and potentially arbitrary code execution. The overf...

8.8CVSS8AI score0.02062EPSS