Lucene search

3260 matches found

Talos
added 2021/08/10 12:0 a.m. · 53 views

AT&T Labs Xmill XML decompression PlainTextUncompressor::UncompressItem heap-based buffer overflow vulnerability

Summary A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability...

9.8 CVSS · 9.2 AI score · 0.02274 EPSS
Exploits 1
Positive Technologies
added 2021/08/10 12:0 a.m. · 5 views

PT-2021-7820 · At&T · At&T Labs Xmill

Name of the Vulnerable Software and Affected Versions: AT&T Labs Xmill version 0.7 Description: A heap-based buffer overflow issue exists in the XML Decompression DecodeTreeBlock functionality. Within DecodeTreeBlock, which is called during the decompression of an XMI file, a UINT32 is loaded fro...

9.8 CVSS · 8.6 AI score · 0.01136 EPSS
Exploits 1 · References 13
OpenVAS
added 2021/07/11 12:0 a.m. · 18 views

Fedora: Security Advisory for suricata (FEDORA-2021-a8ebb71068)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5 CVSS · 7.6 AI score · 0.01973 EPSS
Exploits 0 · References 2
Fedora
added 2021/07/10 12:49 a.m. · 68 views

[SECURITY] Fedora 33 Update: suricata-5.0.7-1.fc33

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

7.5 CVSS · 0.2 AI score · 0.01973 EPSS
Exploits 0
BDU FSTEC
added 2021/07/02 12:0 a.m. · 5 views

The vulnerability in the `get_next_block` function of the `archival/libarchive/decompress_bunzip2.c` component of the BusyBox command-line utility tools on UNIX systems, related to integer overflows, allows a malicious actor to cause a service failure.

The vulnerability in the `get_next_block` function of the `archival/libarchive/decompress_bunzip2.c` component of the BusyBox command-line utility set is related to a numerical overflow condition. Exploiting this vulnerability allows an attacker to cause a service failure remotely...

6.5 CVSS · 6.4 AI score · 0.01316 EPSS
Exploits 1 · References 8 · Affected Software 3
CNNVD
added 2021/07/01 12:0 a.m. · 3 views

Grok Buffer Error Vulnerability

Grok is a regular expression that uses a combination of multiple predefined . A tool used to match split text and map to keywords. Often used to preprocess log data. A security vulnerability exists in Grok versions 7.6.6 through 9.2.0 that stems from a heap-based buffer overflow in the...

7.8 CVSS · 5.9 AI score · 0.01175 EPSS
Exploits 1 · References 3
Talos
added 2021/06/28 12:0 a.m. · 111 views

PowerISO DMG File Format Handler memory corruption vulnerability

Summary A memory corruption vulnerability exists in the DMG File Format Handler functionality of PowerISO 7.9. A specially crafted DMG file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. The vendor fixed it in a bug-release of the curre...

8.8 CVSS · 7.8 AI score · 0.00947 EPSS
Exploits 1
OSV
added 2021/06/18 9:15 p.m. · 3 views

CVE-2021-21410

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function `uncompress_hdr_iphc` does not perform proper boundary chec...

9.1 CVSS · 5.7 AI score · 0.0123 EPSS
Exploits 0 · References 2
Prion
added 2021/06/18 9:15 p.m. · 13 views

Out-of-bounds

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function `uncompress_hdr_iphc` does not perform proper boundary chec...

6.4 CVSS · 8.9 AI score · 0.0123 EPSS
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2021/06/18 12:0 a.m. · 4 views

Contiki-NG Buffer Error Vulnerability

Contiki-NG is an open source cross-platform operating system for next-generation IoT devices. An out-of-bounds read vulnerability exists in the 6LoWPAN implementation in Contiki-NG 4.6 and earlier. The vulnerability stems from the IPv6 header decompression function not performing proper boundary...

9.1 CVSS · 5.6 AI score · 0.0123 EPSS
Exploits 0 · References 3
RustSec
added 2021/06/12 12:0 p.m. · 24 views

`grep-cli` may run arbitrary executables on Windows

On Windows in versions of grep-cli prior to 0.1.6, it's possible for some of the routines to execute arbitrary executables. In particular, a quirk of the Windows process execution API is that it will automatically consider the current directory before other directories when resolving relative...

9.8 CVSS · 3.5 AI score · 0.01934 EPSS
Exploits 0 · Affected Software 1
OSV
added 2021/06/10 4:15 p.m. · 1 views

UBUNTU-CVE-2020-25467

A null pointer dereference was discovered `lzo_decompress_buf` in stream.c in Irzip 0.621 which allows an attacker to cause a denial of service DOS via a crafted compressed file...

5.5 CVSS · 6.4 AI score · 0.00929 EPSS
Exploits 1 · References 5
OpenVAS
added 2021/06/09 12:0 a.m. · 22 views

SUSE: Security Advisory (SUSE-SU-2012:0997-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS · 8.1 AI score · 0.04765 EPSS
Exploits 0 · References 2
Fedora
added 2021/05/27 12:32 a.m. · 32 views

[SECURITY] Fedora 34 Update: upx-3.96-9.fc34

UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...

5.8 CVSS · 4.8 AI score · 0.01076 EPSS
Exploits 1
OpenVAS
added 2021/05/27 12:0 a.m. · 25 views

Fedora: Security Advisory for upx (FEDORA-2021-ceb9db8de0)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.1 CVSS · 7 AI score · 0.01076 EPSS
Exploits 1 · References 2
Tenable Nessus
added 2021/05/26 12:0 a.m. · 51 views

Oracle Linux 8 : brotli (ELSA-2021-1702)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-1702 advisory. 1.0.6-3 - Resolves: CVE-2020-8927 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

6.5 CVSS · 7 AI score · 0.03243 EPSS
Exploits 0 · References 2
Github Security Blog
added 2021/05/25 6:39 p.m. · 52 views

github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS)

Impact xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicious input. Patches The problem has been fixed in release v0.5.8. Workarounds Limit the size ...

7.5 CVSS · 7.6 AI score · 0.01438 EPSS
Exploits 0 · References 6 · Affected Software 1
OSV
added 2021/05/25 6:39 p.m. · 35 views

GHSA-25XM-HR59-7C27 github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS)

Impact xz is a compression and decompression library focusing on the xz format completely written in Go. The function readUvarint used to read the xz container format may not terminate a loop provide malicious input. Patches The problem has been fixed in release v0.5.8. Workarounds Limit the size ...

7.5 CVSS · 7.7 AI score · 0.01438 EPSS
Exploits 0 · References 5
Tenable Nessus
added 2021/05/21 12:0 a.m. · 34 views

Cisco Email Security Appliance Zip Content Filter Bypass (cisco-sa-esa-zip-bypass-gbU4gtTg)

According to its self-reported version, Cisco Email Security Appliance ESA is affected by a vulnerability in the zip decompression engine due to improper handling of password-protected zip files. An unauthenticated, remote attacker can exploit this with a crafted zip file to bypass content filter...

5.8 CVSS · 5.9 AI score · 0.00623 EPSS
Exploits 0 · References 3
RedHat Linux
added 2021/05/18 1:42 p.m. · 1 views

brotli: buffer overflow when input chunk is larger than 2GiB

A buffer overflow flaw was found in the Brotli library where an attacker could control the input length of a "one-shot" decompression request to a script that can trigger a crash. This issue can happen when copying chunks of data larger than 2 GiB...

6.5 CVSS · 7.3 AI score · 0.03243 EPSS
Exploits 0 · References 4