PT-2018-18407 · Afflib +2 · Afflib +2

Name of the Vulnerable Software and Affected Versions: AFFLIB versions 3.7.16 and earlier Description: The issue allows remote attackers to cause a denial of service, resulting in a segmentation fault, by providing a corrupt AFF image that triggers an unexpected pagesize value in the af get page...

CVE-2007-2056

Rejected reason: The getlock function in aimage/aimage.cpp in AFFLIB 2.2.8 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary lock files aka "time-of-check-time-of-use file race". NOTE: the researcher has retracted the original advisory, stating that "th...