VYPR

Argus

by Iceni

CVEs (10)

  • CVE-2017-2777HigSep 17, 2018
    risk 0.57cvss 8.8epss 0.01

    An exploitable heap overflow vulnerability exists in the ipStringCreate function of Iceni Argus Version 6.6.05. A specially crafted pdf file can cause an integer overflow resulting in heap overflow. An attacker can send file to trigger this vulnerability.

  • CVE-2016-8335HigOct 28, 2016
    risk 0.57cvss 8.8epss 0.02

    An exploitable stack based buffer overflow vulnerability exists in the ipNameAdd functionality of Iceni Argus Version 6.6.04 (Sep 7 2012) NK - Linux x64 and Version 6.6.04 (Nov 14 2014) NK - Windows x64. A specially crafted pdf file can cause a buffer overflow resulting in…

  • CVE-2016-8333HigOct 28, 2016
    risk 0.57cvss 8.8epss 0.02

    An exploitable stack-based buffer overflow vulnerability exists in the ipfSetColourStroke functionality of Iceni Argus version 6.6.04 A specially crafted pdf file can cause a buffer overflow resulting in arbitrary code execution. An attacker can provide a malicious pdf file to…

  • CVE-2016-8715HigFeb 28, 2017
    risk 0.51cvss 7.8epss 0.02

    An exploitable heap corruption vulnerability exists in the loadTrailer functionality of Iceni Argus version 6.6.05. A specially crafted PDF file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide a malicious PDF file to trigger this…

  • CVE-2016-8389HigFeb 28, 2017
    risk 0.51cvss 7.8epss 0.02

    An exploitable integer-overflow vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will attempt to convert each character from a font into a polygon and then attempt to rasterize these shapes. As the application attempts to iterate…

  • CVE-2016-8388HigFeb 28, 2017
    risk 0.51cvss 7.8epss 0.02

    An exploitable arbitrary heap-overwrite vulnerability exists within Iceni Argus. When it attempts to convert a malformed PDF to XML, it will explicitly trust an index within the specific font object and use it to write the font's name to a single object within an array of…

  • CVE-2016-8387HigFeb 27, 2017
    risk 0.51cvss 7.8epss 0.02

    An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF with an object encoded w/ multiple encoding types terminating with an LZW encoded type, an overflow may occur due to a lack of bounds checking by the LZW decoder. This…

  • CVE-2016-8386HigFeb 27, 2017
    risk 0.51cvss 7.8epss 0.02

    An exploitable heap-based buffer overflow exists in Iceni Argus. When it attempts to convert a PDF containing a malformed font to XML, the tool will attempt to use a size out of the font to search through a linked list of buffers to return. Due to a signedness issue, a buffer…

  • CVE-2016-8385HigFeb 27, 2017
    risk 0.51cvss 7.8epss 0.02

    An exploitable uninitialized variable vulnerability which leads to a stack-based buffer overflow exists in Iceni Argus. When it attempts to convert a malformed PDF to XML a stack variable will be left uninitialized which will later be used to fetch a length that is used in a…

  • CVE-2011-3332Oct 6, 2011
    risk 0.00cvss epss 0.06

    Stack-based buffer overflow in Iceni Argus 6.20 and earlier and Infix 5.04 allows remote attackers to execute arbitrary code via a crafted PDF document that uses flate compression.