InfoZip UnZip versions 6.00 and below and 6.1c22 and below suffer from multiple buffer overflow vulnerabilities.
bdf125c9b1ccf7ea7ce8e8e8062e3d85BOCHS version 2.6-5 suffers from a local buffer overflow vulnerability.
ef2db4986d49397d9379bd42918b2da5Debian Linux Security Advisory 4104-1 - 'landave' discovered a heap-based buffer overflow vulnerability in the NCompress::NShrink::CDecoder::CodeReal method in p7zip, a 7zr file archiver with high compression ratio. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges of the user running p7zip, if a specially crafted shrinked ZIP archive is processed.
37f24efc8b47c5221b4ad9a8a14807e1Flexense SyncBreeze Enterprise versions 10.3.14 and below suffer from a buffer overflow vulnerability.
a80e2fe8cf2dee78d9b76553abcff8e4Geovision Inc. devices GV-BX1500 version 3.10 2016-12-02 and GV-MFD1501 version 3.12 2017-06-19 suffer from remote command execution, stack overflow, double free, and other vulnerabilities.
61ef5b2004f23fa9b785f6c6257a6914This Metasploit module exploits a buffer overflow in Dup Scout Enterprise version 10.4.16 by using the import command option to import a specially crafted xml file.
3c239cd0ae1f2f80ccc8d0c47c009097LabF nfsAxe version 3.7 TFTP client suffers from a local buffer overflow vulnerability.
5b6eae06992b1e16f8467ad283643cc2Artifex MuJS version 1.0.2 suffers from an integer overflow vulnerability because of incorrect exponent validation.
6b7270e7d80f409cf90160562efc61c0Red Hat Security Advisory 2018-0163-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: A stack buffer overflow flaw was found in the way 389-ds-base handled certain LDAP search filters. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
8418d8af2e9ff0e3d913df790db33c1cRed Hat Security Advisory 2018-0169-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An integer overflow vulnerability in ip6_find_1stfragopt() function was found. A local attacker that has privileges to open raw socket can cause an infinite loop inside the ip6_find_1stfragopt() function. The IPv6 fragmentation implementation in the Linux kernel does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted socket and send system calls. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.
9bb71d7fb0b138765d55e9fb093e9a9aDebian Linux Security Advisory 4096-1 - Several security issues have been found in the Mozilla Firefox web overflows and other implementation errors may lead to the execution of arbitrary code, denial of service or URL spoofing.
0fb0ce092bc36cd7a01a1481351466efDebian Linux Security Advisory 4095-1 - It was discovered that gcab, a Microsoft Cabinet file manipulation tool, is prone to a stack-based buffer overflow vulnerability when extracting .cab files. An attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges of the user running gcab, if a specially crafted .cab file is processed.
f49df1930a61da26ce9b5fbc5a13520bMixPad version 5.00 suffers from a buffer overflow vulnerability.
a32d3a1768736554aa97dc28a11b2d03This Metasploit module exploits a buffer overflow in Sync Breeze Enterprise 9.5.16 by using the import command option to import a specially crafted xml file.
395d219c09a1ba573c0f9f59e1e68bb8Whitepaper called Kernel Exploitation 4: Stack Buffer Overflow (SMEP Bypass).
4b5fbb1fecf494ed48919cee8e5f6c61Whitepaper called Kernel Exploitation 5: Integer Overflow.
04206fdd1740fa887398727a20d76aaaDebian Linux Security Advisory 4088-1 - It was discovered that multiple integer overflows in the GIF image loader in the GDK Pixbuf library may result in denial of service and potentially the execution of arbitrary code if a malformed image file is opened.
f298d01aa1fdb231d82e576017f24952Disk Pulse Enterprise version 10.1.18 buffer overflow exploit that binds a shell.
70ce17cbe1db3948f132073f7d0feee7SysGauge Server version 3.6.18 suffers from a buffer overflow vulnerability.
1b7caf431c181607b803d57479d2c265OBS Studio version 20.1.3 suffers from local buffer overflow vulnerability.
585cb29974d0cd163c5127b35918041ePyroBatchFTP versions prior to 3.19 suffer from a buffer overflow vulnerability.
0ab46277515c18f17250ed5562af7c8cKentico CMS version 11.0 suffers from stack buffer overflow vulnerability.
23331928e3abbd18d107c100571177c0ALLMediaServer version 0.95 stack buffer overflow exploit with DEP bypass on Windows 7 x64.
15321ab5b12699493b877fadfdf25da1VMware Security Advisory 2018-0005 - VMware Workstation, and Fusion updates resolve use-after-free and integer-overflow vulnerabilities.
9626383bdd42e1ee3b4eb490bf37558cThis Metasploit module exploits a buffer overflow in the LabF nfsAxe 3.7 FTP Client allowing remote code execution.
8d30c79823a88f61fd7afa9d88d0562e
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed