logo
DATABASE RESOURCES PRICING ABOUT US

Debian DLA-2983-1 : abcm2ps - LTS security update

Description

The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2983 advisory. - Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (CVE-2018-10753) - Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. (CVE-2018-10771) - moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The impact is: Allows attackers to cause a denial of service attack via a crafted file. The component is: front.c, function txt_add. The fixed version is: after commit commit 08aef597656d065e86075f3d53fda89765845eae. (CVE-2019-1010069) - abcm2ps v8.14.11 was discovered to contain an out-of-bounds read in the function calculate_beam at draw.c. (CVE-2021-32434) - Stack-based buffer overflow in the function get_key in parse.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. (CVE-2021-32435) - An out-of-bounds read in the function write_title() in subs.c of abcm2ps v8.14.11 allows remote attackers to cause a Denial of Service (DoS) via unspecified vectors. (CVE-2021-32436) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.


Related