This module exploits a stack-based buffer overflow vulnerability in the web interface of DiskSavvy Enterprise caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server.
VX Search Enterprise is prone to a buffer-overflow vulnerability when handling a crafted request, this can trigger an overflow in a finite-sized internal memory buffer, and install an agent with SYSTEM privileges.
A UNICODE Buffer Overflow exists in AllPlayer 7.5 when parsing .m3u files. The vulnerability is caused due to a boundary error when handling a crafted .m3u files.
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
Omron CX-Supervisor is prone to a buffer overflow when handling specially crafted project files.
The vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory.
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory.
An issue was discovered in MalwareFox AntiMalware. Improper access control in zam32.sys and zam64.sys allows a non-privileged process to register itself with the driver by sending IOCTL 0x80002010 and then using IOCTL 0x8000204C to \\.\ZemanaAntiMalware to elevate privileges.
A Buffer Overflow exist in ASX to MP3 when parsing .ASX files. The vulnerability is caused due to a boundary error when handling a crafted .ASX files.
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Kingsoft Internet Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaws exists within the processing of IOCTL 0x80030004 or 0x80030008 by the KWatch3.sys (internet security) kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in a kernel stack buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.