h4ng3r

3 exploits Active since Mar 2017
CVE-2017-6387 WRITEUP MEDIUM WRITEUP
radare2 1.2.1 - Denial of Service via Crafted DEX File
The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted DEX file.
CVSS 5.5
CVE-2017-6415 WRITEUP MEDIUM WRITEUP
radare2 1.2.1 - Denial of Service via Crafted DEX File
The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DEX file.
CVSS 5.5
CVE-2017-6448 WRITEUP HIGH WRITEUP
radare2 1.2.1 - Stack-Based Buffer Overflow in Dalvik Disassembler
The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 1.2.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file.
CVSS 7.8