Attackers can exploit this issue to crash the affected application, resulting in a denial-of-service condition. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.
An attacker can leverage this issue to crash the affected application, causing a denial-of-service condition.
The PHP Advanced Transfer Manager (phpatm) is vulnerable to an injection attack. This can be exploited by sending a specially crafted request to the 'index.php' file with the 'action' parameter set to 'downloadfile' and the 'directory' parameter set to '../'. This allows an attacker to download arbitrary files from the server.
The ID Automation Linear Barcode ActiveX Control (IDAutomationLinear6.dll) v. 1.6.0.5 is vulnerable to a Denial of Service (DoS) attack. By sending a specially crafted input, an attacker can cause the ActiveX control to crash, resulting in a denial of service condition. This vulnerability can be exploited remotely without authentication.
The crash was encountered in pdfium (the Chrome PDF renderer) during PDF fuzzing. It is a stack buffer overflow vulnerability where a read of size 4 at address 0x7ffc8b7edb84 causes the crash. The crash occurs in the CPDF_Function::Call function in the fpdf_page_func.cpp file.
The exploit encountered a segmentation fault (SEGV) at an unknown address while fuzzing a PDF file in pdfium, the Chrome PDF renderer. The crash occurs in the IsFlagSet function in the v8/src/heap/spaces.h file. It seems to be related to incremental marking in the heap.
The crash occurs in pdfium during PDF fuzzing. It is a heap buffer overflow issue encountered while rendering a PDF file. The issue is in the CPDF_DIBSource::DownSampleScanline32Bit function in the fpdf_render_loadimage.cpp file. The function tries to read 1 byte of data from the address 0x61800000f7b2, causing a heap buffer overflow.
This is a remote buffer overflow exploit for the IE 6 / DB Software Laboratory VImpX ActiveX (VImpX.ocx v. 4.7.3.0) vulnerability. It targets Windows XP SP2 IT version using the EIP overwrite method. The exploit is created by rgod.
ftpsehll client has a buffer overlow entry point in the [Favorites] - [Add to favorites..] 'Session name' input field used to add session to favorites list. Crash: input 'A' x 1500 to Session name field.
The CJG EXPLORER PRO v3.2 script is vulnerable to remote file inclusion. This vulnerability allows an attacker to include arbitrary files from a remote server.