Philip Hazel

5 exploits Active since Jul 2023
CVE-2024-41881 WRITEUP HIGH WRITEUP
SDoP < 1.11 - Stack-based Buffer Overflow via XML Parameter Handling
SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted XML file, arbitrary code may be executed on the user's environment.
CVSS 8.8
CVE-2024-43700 WRITEUP HIGH WRITEUP
philiphazel xfpt < 1.01 - Stack-based Buffer Overflow via Crafted Input File
xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment.
CVSS 7.8
CVE-2022-41409 WRITEUP HIGH WRITEUP
pcre2 < 10.41 - Integer Overflow via Negative Input
Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.
CVSS 7.5
CVE-2024-41881 WRITEUP HIGH STUB
SDoP < 1.11 - Stack-based Buffer Overflow via XML Parameter Handling
SDoP versions prior to 1.11 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted XML file, arbitrary code may be executed on the user's environment.
CVSS 8.8
CVE-2024-43700 WRITEUP HIGH STUB
philiphazel xfpt < 1.01 - Stack-based Buffer Overflow via Crafted Input File
xfpt versions prior to 1.01 fails to handle appropriately some parameters inside the input data, resulting in a stack-based buffer overflow vulnerability. When a user of the affected product is tricked to process a specially crafted file, arbitrary code may be executed on the user's environment.
CVSS 7.8