5 results (0.005 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed. Existe un desbordamiento de enteros (CWE-190) que podría conducir a una escritura fuera de límites (CWE-787) en un área asignada por la memoria dinámica (heap) y que desemboca en la corrupción de la memoria dinámica en la versión 8.5 de Micro Focus VisiBroker. No se ha evaluado la posibilidad de explotar esta vulnerabilidad para realizar más ataques. Micro Focus VisiBroker C++ version 8.5 SP2 suffers from multiple memory corruption vulnerabilities. • https://community.microfocus.com/microfocus/corba/visibroker_-_world_class_middleware/w/knowledge_base/29171/visibroker-8-5-service-pack-4-hotfix-3-security-fixes • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service. Un desbordamiento de enteros (CWE-190) que podría provocar una vulnerabilidad de lectura fuera de límites (CWE-125) en la versión 8.5 de Micro Focus VisiBroker podría conducir a una denegación de servicio. Micro Focus VisiBroker C++ version 8.5 SP2 suffers from multiple memory corruption vulnerabilities. • https://community.microfocus.com/microfocus/corba/visibroker_-_world_class_middleware/w/knowledge_base/29171/visibroker-8-5-service-pack-4-hotfix-3-security-fixes • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed. Existe una vulnerabilidad de lectura fuera de límites (CWE-125) en la versión 8.5 de Micro Focus VisiBroker. No se ha evaluado la posibilidad de explotar esta vulnerabilidad para realizar más ataques. Micro Focus VisiBroker C++ version 8.5 SP2 suffers from multiple memory corruption vulnerabilities. • https://community.microfocus.com/microfocus/corba/visibroker_-_world_class_middleware/w/knowledge_base/29171/visibroker-8-5-service-pack-4-hotfix-3-security-fixes • CWE-125: Out-of-bounds Read •

CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 4

osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled. osagent.exe en Borland VisiBroker Smart Agent v08.00.00.C1.03 y anteriores permite a atacantes remotos provocar una denegación de servicio (caída) a través de una paquete manipulado con una logitus de cadena larga al puerto UDP 14000, lo que provoca una fallo de localización de memoria que no se gestiona de forma adecuada. • http://aluigi.altervista.org/adv/visibroken-adv.txt http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0018.html http://osvdb.org/43058 http://secunia.com/advisories/29213 http://www.securityfocus.com/bid/28084 http://www.vupen.com/english/advisories/2008/0748/references https://exchange.xforce.ibmcloud.com/vulnerabilities/40983 • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 10%CPEs: 1EXPL: 4

Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow. Desbordamiento de entero en osagent.exe en Borland VisiBroker Smart Agent 08.00.00.C1.03 y anteriores, permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente la ejecución de código de su elección a través de un paquete manipulado un valor de longitud de cadena larga al puerto UDP 14000 que provoca un desbordamiento de búfer basado en memoria dinámica (heap). • https://www.exploit-db.com/exploits/31330 http://aluigi.altervista.org/adv/visibroken-adv.txt http://archives.neohapsis.com/archives/fulldisclosure/2008-03/0018.html http://osvdb.org/43057 http://secunia.com/advisories/29213 http://www.securityfocus.com/bid/28084 http://www.vupen.com/english/advisories/2008/0748/references https://exchange.xforce.ibmcloud.com/vulnerabilities/40978 • CWE-189: Numeric Errors •