Apple Security Advisory 2018-7-23-2 - 2018-003 Sierra, Security Update 2018-003 El Capitan addresses buffer overflow, code execution, denial of service, and information leakage vulnerabilities.
9830b2d9ede1a49ea6d6942b0cb9f042Windows Speech Recognition version 4.0.4.2512 suffers from a buffer overflow vulnerability.
871847c13dd85961bdef5d89f49bbc49Splinterware System Scheduler Pro version 5.12 suffers from a buffer overflow vulnerability.
c170430754e9565ad78a2dfe9c3ab5adPDFunite version 0.62.0 suffers from a buffer overflow vulnerability.
1ba96eb4e6dd003ba9805ff429425570Secunia Research has discovered multiple vulnerabilities in Oracle Outside In Technology, which can be exploited by malicious people to compromise a vulnerable system. An error within the "VwStreamRead()" function (vsdrw.dll) can be exploited to cause a heap-based buffer overflow. A boundary error in the vsxl5.dll can be exploited to cause a heap-based buffer overflow. Another boundary error in the vsxl5.dll can be exploited to cause a heap-based buffer overflow. An integer underflow error within the "VwStreamOpen()" function (vswk6.dll) can be exploited to cause an out-of-bounds write memory access. The vulnerabilities are confirmed in version 8.5.3. Other versions may also be affected.
be326e466eb0e8b495861d5e98f468e7Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file. An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) can be exploited to trigger a division by zero via specially crafted NOKIARAW file. The vulnerabilities are confirmed in version 0.18.11. Prior versions may also be affected.
6e78f4b1fcbe43e3fe25052ffe74b0e0Chrome suffers from an integer overflow vulnerability in Swiftshader texture allocation.
b3eb960cb7d3278d871332f5993c7d6cSecunia Research has discovered a vulnerability in Clam AntiVirus, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the "parsehwp3_paragraph()" function (libclamav/hwp.c) can be exploited to trigger an infinite loop via a specially crafted Hangul Word Processor file. The vulnerability is confirmed in version 0.100.0 and reported in versions prior to 0.100.1.
87cd959e1b15b6694588286356c9349cG DATA TOTAL SECURITY version 25.4.0.3 suffers from an active-x buffer overflow vulnerability.
90c8424162c88e3a300d66cb5666405aHuawei eNSP version 1 suffers from a buffer overflow vulnerability that results in a denial of service condition.
ea0e5d03687dc7fb48390b25b9754758Lenovo SU version 5.07 suffers from a buffer overflow vulnerability that allows for code execution.
ed2d00e979893df235dcdf59331f72a3Intel System CU versions 14.0 and 14.1 suffer from a buffer overflow vulnerability.
eb846c95a5557b45f2f5ae448248b0cfBoxoft WAV to WMA Converter version 1.0 local SEH buffer overflow exploit.
c8413f466674af9bf346693014e1a07dLinux Awk to Perl (/usr/bin/a2p) suffers from a buffer overflow vulnerability.
5f941b7a5f120e4ea63ce6593fdf699aUbuntu Security Notice 3696-2 - USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
7232f498840627d5ecbea781d6ae2d03Ubuntu Security Notice 3696-1 - It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Wei Fang discovered an integer overflow in the F2FS filesystem implementation in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that an information leak existed in the generic SCSI driver in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
85ebc7f68fdfd1ec62e89e89a7199622This Metasploit module exploits a stack buffer overflow in Boxoft WAV to MP3 Converter versions 1.0 and 1.1. By constructing a specially crafted WAV file and attempting to convert it to an MP3 file in the application, a buffer is overwritten, which allows for running shellcode.
0bc942aad9f54095c3d8e7923d60677cCore FTP LE version 2.2 buffer overflow proof of concept exploit.
9374afe7a9fa94be48ccc3512a486640SIPp version 3.6 suffers from a local buffer overflow vulnerability.
b50a8cb40949c174c4227658dffa2e3eDelta Industrial Automation COMMGR version 1.08 stack buffer overflow proof of concept exploit.
380f500e42ef7dd79ad79b6d26aee890This Metasploit module exploits a buffer overflow in the FTPShell client 6.70 (Enterprise edition) allowing remote code execution.
65592cd1c5d2d58b3050cf2873ac3999Red Hat Security Advisory 2018-2112-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.1.0 ESR. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.
29344370decb099155105e9c463e59e7Red Hat Security Advisory 2018-2113-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.1.0 ESR. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.
5f5f09c5bb8d12e7cd03f1208541cf84Apple Security Advisory 2018-06-27-1 - SwiftNIO 1.8.0 is now available and addresses a buffer overflow vulnerability.
6473d76b977aaab2576e0ce737638d82PoDoFo version 0.9.5 suffers from a buffer overflow vulnerability.
8bfed571dcda975b809de00adc2768e4
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed