The crash was encountered in pdfium (the Chrome PDF renderer) during PDF fuzzing. It is a stack buffer overflow vulnerability where a read of size 4 at address 0x7ffc8b7edb84 causes the crash. The crash occurs in the CPDF_Function::Call function in the fpdf_page_func.cpp file.
A segmentation fault (SEGV) at an unknown address was encountered while fuzzing a PDF file in pdfium, the Chrome PDF renderer. The crash occurs in the IsFlagSet function in the v8/src/heap/spaces.h file. It seems to be related to incremental marking in the heap.
The crash occurs in pdfium during PDF fuzzing. It is a heap buffer overflow issue encountered while rendering a PDF file. The issue is in the CPDF_DIBSource::DownSampleScanline32Bit function in the fpdf_render_loadimage.cpp file. The function tries to read 1 byte of data from the address 0x61800000f7b2, causing a heap buffer overflow.
This is a remote buffer overflow exploit for the IE 6 / DB Software Laboratory VImpX ActiveX (VImpX.ocx v. 4.7.3.0) vulnerability. It targets Windows XP SP2 IT version using the EIP overwrite method. The exploit was created by rgod.
FTPShell client has a buffer overflow entry point in the [Favorites] - [Add to favorites..] 'Session name' input field, which is used to add a session to the favorites list. Crash: input 'A' x 1500 into the Session name field.
The CJG EXPLORER PRO v3.2 script is vulnerable to remote file inclusion. This vulnerability allows an attacker to include arbitrary files from a remote server.
The $whereClause, $whereClauseT, $whereClauseW and $whereClause2W variables are not properly escaped in the ad.class.php file of the Simple Ads Manager plugin.
This is a remote buffer overflow exploit for webdesproxy[v0.0.1] on the cygwin platform. The vulnerability occurs in the strncpy function call in webdesproxy.c on line 111.
Notepad++ contains a buffer overflow vulnerability in the way it processes Ruby source files (.rb). This exploit works by overwriting EAX, which gets called during processing as 'CALL DWORD EAX+4', so EAX needs to point to a user-controlled area that contains another address, which will then become EIP. Once EIP is controlled, it simply jumps a little bit forward in memory to the NOP sled/shellcode.
A remote overflow exists in the KiTTY Chat feature, which enables a remote attacker to execute code on the vulnerable system with the rights of the current user, from Windows XP x86 to Windows 10 x64 included (builds 10240/10586). The chat feature is not enabled by default. When sending a long string to the KiTTY chat server as nickname, a crash occurs. The EIP overwrite leaves little room for exploitation (offset 54), with no more than 160 to 196 bytes for the shellcode from XP to Windows 10. Using a Metasploit