
In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS).

Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted. was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. VDB-216170 is the identifier assigned to this vulnerability. The exploit has been disclosed to the public and may be used. The manipulation leads to heap-based buffer overflow. Affected by this issue is some unknown functionality of the component mp42aac. Other operating systems are unaffected.* This vulnerability affects Firefox 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. *This bug only affects Firefox on Windows. On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape.

Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV. Heap-based Buffer Overflow in GitHub repository vim/vim prior to. Heap buffer overflow in WebP in Google Chrome prior to 1.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
