CVE-2017-5859 (cnpilot_r200_series_firmware)
On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vulnerability involving the certificate of the device and its RSA keys, aka RBN-183.
[월:] 2017년 03월
CVE-2017-6596 (partclone)
CVE-2017-6596 (partclone)
partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. An attacker may be able to launch a ‘Denial of Service attack’ in the context of the user running the affected application.
Source: CVE-2017-6596 (partclone)
CVE-2017-6798 (endpoint_sensor)
CVE-2017-6798 (endpoint_sensor)
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208.
Source: CVE-2017-6798 (endpoint_sensor)
CVE-2017-6802 (ytnef)
CVE-2017-6802 (ytnef)
An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
Source: CVE-2017-6802 (ytnef)
CVE-2017-6801 (ytnef)
CVE-2017-6801 (ytnef)
An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
Source: CVE-2017-6801 (ytnef)
CVE-2017-2788 (popup)
CVE-2017-2788 (popup)
A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit.
Source: CVE-2017-2788 (popup)
CVE-2017-6800 (ytnef)
CVE-2017-6800 (ytnef)
An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.
Source: CVE-2017-6800 (ytnef)
CVE-2017-2785 (popup)
CVE-2017-2785 (popup)
An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit.
Source: CVE-2017-2785 (popup)
CVE-2017-2786 (popup)
CVE-2017-2786 (popup)
A denial of service vulnerability exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to an out of bounds read causing a crash and a denial of service.
Source: CVE-2017-2786 (popup)
CVE-2017-2787 (popup)
CVE-2017-2787 (popup)
A buffer overflows exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially crafted packet can be sent to the victim’s computer and can lead to a heap based buffer overflow resulting in potential remote code execution. This client is always listening, has root privileges, and requires no user interaction to exploit.
Source: CVE-2017-2787 (popup)