It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). Jann Horn discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel could overflow reference counters on systems with more than 32GB of physical ram and with RLIMIT_MEMLOCK set to infinite. A local unprivileged attacker could use to create a use-after- free situation, causing a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
cf9eb0b35f581391cfa449654007aaadWebKit suffers from a WebCore::RenderSearchField::addSearchResult heap buffer overflow vulnerability.
04b54b4fde19de5e3ff97538dc8015b4MAWK versions 1.3.3-17 and below are susceptible to a stack-based buffer overflow vulnerability.
f76cf831d1aaa6799ae5841ed1ae6276This Metasploit module exploits a buffer overflow during user registration in Easy Chat Server software.
ea660b80899722585fc2d5713b8b135fApple Security Advisory 2017-07-19-3 - watchOS 3.2.2 is now available and addresses buffer overflow, memory corruption, and various other vulnerabilities.
ec5cc4db1b6bbf46b6628e302c5f538aFTPGetter version 5.89.0.85 SEH buffer overflow exploit.
ecf55fae0da7cb2320324500d212bccbEasy File Sharing Web Server version 7.2 SEH buffer overflow PassWD exploit that spawns a reverse shell.
0a226fb9ae5920b89126ab6486e607fbDebian Linux Security Advisory 3908-1 - An integer overflow has been found in the HTTP range module of Nginx, a high-performance web and reverse proxy server, which may result in information disclosure.
2d367b8f14fc73b9768c34d3df9ea843Ubuntu Security Notice 3352-1 - It was discovered that an integer overflow existed in the range filter feature of nginx. A remote attacker could use this to expose sensitive information.
0a3c25fdc743605f7bb042a72bdff5bfPyCharm 2-0 / 2017 suffers from a command-line buffer overflow vulnerability.
e3f4c8185ee0692be23f0a6c867e5048IBM Informix DB-Access utility is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. The vulnerability is triggered by providing an overly long file parameter value inside a LOAD statement, which is used to insert data from an operating-system file into an existing table or view. Version 12.10 is affected.
a6b494ac98eda0f50077d89e22e9c8cfLG suffers from multiple stack overflows in ASFParser::SetMetaData.
11032cdfb45063fe394b921e0d88804aEasy File Sharing Web Server version 7.2 suffers from an account import local buffer overflow vulnerability.
3fe8d27b0bff54d459eee1a9037b30f7Digital Canal Structural Wind Analysis versions 9.1 and below suffer from a buffer overflow vulnerability.
a7290e29db03e678669abbc187954af5Red Hat Security Advisory 2017-1615-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list->frag_list) in the socket buffer. The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and 'NETIF_F_FRAGLIST' feature were used together. A remote user or process could use this flaw to potentially escalate their privilege on a system.
9cfe18ce0b936ec4aede687d0c578c6bFASM (Flat Assembler) versions 1.7.21 and below suffer from a buffer overflow vulnerability.
7c1545562143b51d0bc05b2a8fb262b9Easy File Sharing Web Server version 7.2 GET HTTP request buffer overflow exploit.
8f01d366a360414c32e90e350d821ce1IBM DB2 versions 9.7, 10.1, 10.5, and 11.1 suffer from a command line process buffer overflow vulnerability.
5d5fdc9afef069a12acc4631e4723b9aMicrosoft Skype versions 7.2, 7.35 and 7.36 suffer from a stack buffer overflow vulnerability.
83bf427e9bb93af672310e8bd506f135JAD version 1.5.8e-1kali1 suffers from a buffer overflow vulnerability.
2b1879456767fcc7e710df4a24db0153LAME version 3.99.5 suffers from a II_step_one buffer overflow vulnerability.
a3341973e3bfcb873573a2ccad573a0fLAME version 3.99.5 suffers from a III_dequantize_sample stack buffer overflow vulnerability.
598e7a87386258e4cc7a05c3337e3bbaThis Metasploit module exploits a POST buffer overflow in the Easy File Sharing FTP Server 7.2 software.
af2f364b556cf0c3975be59929373439GNU binutils suffers from a print_insn_score16 buffer overflow vulnerability.
64e33db78a06380264d781c988054a95GNU binutils suffers from a decode_pseudodbg_assert_0 buffer overflow vulnerability.
eaf0bbe9ede7909267b30e41e87dc259
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed