10 matches found
SUSE CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
CVE-2017-18196
Leptonica 1.74.4 constructs unintended pathnames containing duplicated path components when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory located deeper within the /tmp directory tree, as...
CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
Command injection
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
CVE-2018-3836
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an application that pass...
CVE-2018-3836
Leptonica 1.74.4 is affected by CVE-2018-3836 in gplotMakeOutput, where the gplot rootname can trigger a command injection leading to arbitrary code execution. This is a local-access vulnerability; CVSS base scores indicate HIGH severity. Public references and advisories note that an improved fix...
[SECURITY] Fedora 27 Update: leptonica-1.74.4-5.fc27
The library supports many operations that are useful on Document images Natural images Fundamental image processing and image analysis operations Rasterop aka bitblt Affine transforms scaling, translation, rotation, shear on images of arbitrary pixel depth Projective and bi-linear transforms Bina...
Leptonica Bypasses File Restriction Vulnerability
Leptonica is an open source system for image processing and image analysis applications. A security vulnerability exists in Leptonica version 1.74.4. A local attacker can exploit the vulnerability to bypass file restrictions...
CVE-2017-18196
CVE-2017-18196 – Leptonica path handling issue (local only) : Leptonica 1.74.4 constructs unintended pathnames containing duplicated components when operating on files under /tmp, potentially allowing a local user to bypass certain file restrictions by accessing a deeper /tmp path (e.g., /tmp/ANY...