Lucene search
Alpine Linux Development TeamALPINE:CVE-2017-7961HistoryApr 19, 2017 - 3:59 p.m.
CVE-2017-7961
2017-04-1915:59:00
Alpine Linux Development Team
security.alpinelinux.org
404
The cr_tknzr_parse_rgb function in cr-tknzr.c in libcroco 0.6.11 and 0.6.12 has an “outside the range of representable values of type long” undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted CSS file. NOTE: third-party analysis reports "This is not a security issue in my view. The conversion surely is truncating the double into a long value, but there is no impact as the value is one of the RGB components.
Related
cvelist
cvelist
CVE-2017-7961
2017-04-19 15:00:00
redhatcve
redhatcve
CVE-2017-7961
2017-05-11 13:49:57
prion
prion
Design/Logic Flaw
2017-04-19 15:59:00
cve
cve
CVE-2017-7961
2017-04-19 15:59:00
debiancve
debiancve
CVE-2017-7961
2017-04-19 15:59:00
ubuntucve
ubuntucve
CVE-2017-7961
2017-04-19 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : libcroco (EulerOS-SA-2019-2203)
2019-11-08 00:00:00
GLSA-201707-13 : libcroco: Multiple vulnerabilities
2017-07-10 00:00:00
Debian DLA-909-1 : libcroco security update
2017-04-24 00:00:00
gentoo
gentoo
libcroco: Multiple vulnerabilities
2017-07-09 00:00:00
osv
osv
libcroco - security update
2017-04-23 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-909-1)
2018-01-16 00:00:00
Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2020-1251)
2020-03-13 00:00:00
Huawei EulerOS: Security Advisory for libcroco (EulerOS-SA-2019-2203)
2020-01-23 00:00:00
debian
debian
[SECURITY] [DLA 909-1] libcroco security update
2017-04-23 11:46:37
mageia
mageia
Updated libcroco packages fix security vulnerability
2019-12-15 21:03:05
suse
suse
Security update for libcroco (moderate)
2019-06-18 00:00:00