FlexHEX v2.46 is vulnerable to a Denial of Service (DoS) Local Buffer Overflow. By copying the content of FlexHEX_SEH_Crash.txt to the 'Stream Name' field, a crash can be triggered. The SEH record (nseh field) at 0x0012dde8 is overwritten with unicode pattern : 0x006a0041 (offset 276), followed by 20 bytes of cyclic data after the handler.
When a long string of 180 'A' characters is copied to the clipboard and pasted into the 'Project name' field of the 'Create a new project' wizard, a crash occurs.
When a specially crafted string of 212 'A' characters is copied to the clipboard and pasted into the 'Your Name', 'Your Company', and 'Register Code' fields of the 'Amac Register Form' page, a denial of service condition occurs.
A vulnerability in Advanced Host Monitor 11.90 Beta could allow an attacker to cause a denial of service condition. The vulnerability is due to improper validation of user-supplied input when registering the application. An attacker could exploit this vulnerability by supplying a specially crafted registration number. A successful exploit could cause the application to crash, denying service to legitimate users.
AnyBurn x86 is vulnerable to Denial of Service (DoS) attack. An attacker can exploit this vulnerability by creating a malicious file containing a large number of 'A' characters and then paste the contents of the malicious file under 'Select source image file' and 'Select Destination image file' in the application. When the attacker clicks 'Convert Now', the program crashes.
Necrosoft DIG v0.4 is vulnerable to a denial of service attack due to a buffer overflow vulnerability. By sending a specially crafted payload of 2000 bytes, an attacker can overwrite the SEH handler and cause a crash. This can be done by running Necrosoft DIG v0.4, copying the content of the DIG_Crash.txt file to the clipboard, and pasting it into the 'Target' field. Clicking the 'TCP lookup' button will cause the crash.
IP TOOLS v2.50 is vulnerable to a Denial of Service (DoS) Local Buffer Overflow. To exploit the vulnerability, an attacker must run IP-Tools.exe, go to SNMP Scanner tab and copy content of IPTools_Crash.txt to clipboard, paste the content into the field: 'From Addr' and 'To Addr' and click 'Start' button, which will cause a crash.
macOS 10.13.4 introduced the file bsd/net/if_ports_used.c, which defines sysctls for inspecting ports, and added the function IOPMCopySleepWakeUUIDKey() to the file iokit/Kernel/IOPMrootDomain.cpp. This function is interesting because it copies a caller-specified amount of data from the 'SleepWakeUUID' property (which is user-controllable). Thus, if a user process sets 'SleepWakeUUID' to a shorter string than the caller expects and then triggers IOPMCopySleepWakeUUIDKey(), out-of-bounds heap data will be copied into the caller's buffer. However, triggering this particular information leak is challenging, since the only caller is the function if_ports_used_update_wakeuuid(). Nonetheless, this function also contains an information leak.
Advanced File Manager v3.4.1 is vulnerable to a Denial of Service (DoS) attack due to a Local Buffer Overflow. An attacker can exploit this vulnerability by running af_mgr.exe, copying the content of af_mgr_Crash.txt or 300 'A's to the clipboard, and then entering the registration code in all fields in the Help menu. Clicking the Register button will cause a crash.
This exploit is a proof-of-concept for a vulnerability in miniupnpd <= v2.1. The vulnerability allows an attacker to read out-of-bounds data from the vulnerable device. The exploit sends a SUBSCRIBE request with a specially crafted Callback header to the vulnerable device. The device then responds with a NOTIFY request containing the out-of-bounds data. The attacker can then read the data from the NOTIFY request.
Services By CQR