Agostino Sarubbo

4 exploits Active since Mar 2017
CVE-2017-6060 EXPLOITDB HIGH text WORKING POC
MuPDF - Stack-based Buffer Overflow in jstest_main.c
Stack-based buffer overflow in jstest_main.c in mujstest in Artifex Software, Inc. MuPDF 1.10a allows remote attackers to have unspecified impact via a crafted image.
CVSS 7.8
CVE-2017-14939 EXPLOITDB MEDIUM text WORKING POC
GNU Binutils 2.29 - Heap-Based Buffer Over-Read in decode_line_info
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted ELF file, related to read_1_byte.
CVSS 5.5
CVE-2017-9872 EXPLOITDB HIGH text WORKING POC
LAME 3.99.5 - Stack-Based Buffer Overflow in III_dequantize_sample
The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file.
CVSS 7.8
CVE-2017-9869 EXPLOITDB MEDIUM text WORKING POC
LAME 3.99.5 - Denial of Service via Crafted Audio File
The II_step_one function in layer2.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted audio file.
CVSS 5.5