Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 26662 of 28073

CVE-2017-14410

Posted by Cyberthreat Blog | Sep 12, 2017 | CVE Notifications |

A buffer over-read was discovered in III_i_stereo in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.

CVE-2017-14408

Posted by Cyberthreat Blog | Sep 12, 2017 | CVE Notifications |

A stack-based buffer over-read was discovered in dct36 in layer3.c in mpglibDBL, as used in MP3Gain version 1.5.2. The vulnerability causes an application crash, which leads to remote denial of service.

CVE-2017-14405

Posted by Cyberthreat Blog | Sep 12, 2017 | CVE Notifications |

The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote command execution via shell metacharacters in a hosts_cacti array parameter to module/admin_device/index.php.

CVE-2017-14401

Posted by Cyberthreat Blog | Sep 12, 2017 | CVE Notifications |

The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the “ACCOUNT UPDATE” section.

CVE-2017-14402

Posted by Cyberthreat Blog | Sep 12, 2017 | CVE Notifications |

The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the “ACCOUNT CREATION” section, related to lack of input validation in...

Author: Cyberthreat Blog

CVE-2017-14410

CVE-2017-14408

CVE-2017-14405

CVE-2017-14401

CVE-2017-14402