Published: 31/10/2017 Updated: 29/03/2021

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 606

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. The flaw is triggered by providing a long input into the "Destination directory" field, either within an XML document or through use of passive mode.

Vulnerable Product	Search on Vulmon	Subscribe to Product
flexense syncbreeze 10.1.16

SyncBreeze version 10116 suffers from an xml parsing stack-based buffer overflow vulnerability ...

CVE-2017-15950 PoC exploit for vulnerability CVE-2017-15950 SyncBreeze XML Parser and/or Sync functionality Stack-Based Buffer Overflow Usage When running the XML payload generator, the script will output a XML file xplSyncBreezexml containing the payload to import using SyncBreeze python3 payloadgenerator_XML_CVE-2017-15950py When run

CVE-2017-8367 PoC exploit for vulnerability CVE-2017-8367 Easy Mov Converter Register functionality Stack-Based Buffer Overflow Usage Execute script and the file POCPayloadtxt will be created containing the payload python3 payloadgenerator_CVE-2017-15950py Open the output file on notepad and copy ascii output into username field of Eas

CWE-119 http://seclists.org/fulldisclosure/2017/Oct/64 http://packetstormsecurity.com/files/162008/SyncBreeze-10.1.16-Buffer-Overflow.html https://nvd.nist.gov https://github.com/rnnsz/CVE-2017-15950 https://packetstormsecurity.com/files/162008/SyncBreeze-10.1.16-Buffer-Overflow.html

CVE-2017-15950

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect