Important: libgsf

Issue Overview: An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows fo...

Updated libgsf packages fix security vulnerabilities

An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-boun...

DEBIAN-CVE-2024-42415

An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library libgsf. A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector...

CVE-2024-42415

An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library libgsf. A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector...

UBUNTU-CVE-2024-36474

An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-boun...

CVE-2024-42415

CVE-2024-42415 is a libgsf (GNOME Structured File Library) vulnerability affecting version 1.14.52, where an integer overflow in the Compound Document Binary File format parser can trigger a heap-based buffer overflow during sector allocation table processing, enabling arbitrary code execution. T...

CVE-2024-42415

An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library libgsf. A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector...

CVE-2024-42415

An integer overflow vulnerability exists in the Compound Document Binary File format parser of v1.14.52 of the GNOME Project G Structured File Library libgsf. A specially crafted file can result in an integer overflow that allows for a heap-based buffer overflow when processing the sector...

CVE-2024-36474

Summary: CVE-2024-36474 affects the GNOME libgsf library (G Structured File Library), specifically the Compound Document Binary File format parser in version 1.14.52. A crafted file can trigger an integer overflow while processing the directory, allowing an out-of-bounds access and potentially ar...

CVE-2024-36474

An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf version v1.14.52. A specially crafted file can result in an integer overflow when processing the directory from the file that allows for an out-of-boun...

GNOME Project G Structured File Library 安全漏洞

GNOME Project G Structured File Library GNOME libgsf is a GNOME project open-sourced by GNOME. It provides an abstraction layer for different structured file formats. A security vulnerability exists in GNOME Project G Structured File Library version v1.14.52, which stems from the presence of an...

GNOME Project G Structured File Library (libgsf) Compound Document Binary File Sector Allocation Table integer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2069 GNOME Project G Structured File Library libgsf Compound Document Binary File Sector Allocation Table integer overflow vulnerability October 3, 2024 CVE Number CVE-2024-42415 SUMMARY An integer overflow vulnerability exists in the Compound Document Binary...

PT-2024-7266 · Gnome +5 · Libgsf +5

Name of the Vulnerable Software and Affected Versions: GNOME Project G Structured File Library libgsf version v1.14.52 Description: An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf. A specially crafte...

[SECURITY] Fedora 40 Update: stb-0^20240213gitae721c5-6.fc40

Single-file public domain libraries for C/C++...

RHEL 6 : audiofile (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - audiofile: Heap-based buffer overflow in Expand3To4Module::run when running sfconvert CVE-2018-17095 -...

MGASA-2023-0336 Updated audiofile packages fix a security vulnerability

The updated packages fix a security vulnerability In autofile Audio File Library 0.3.6, there exists one memory leak vulnerability in printfileinfo, in printinfo.c, which allows an attacker to leak sensitive information via a crafted file. The printfileinfo function calls the copyrightstring...

[SECURITY] Fedora 37 Update: audiofile-0.3.6-36.fc37

The Audio File library is an implementation of the Audio File Library from SGI, which provides an API for accessing audio file formats like AIFF/AIFF-C, WAVE, and NeXT/Sun .snd/.au files. This library is used by the EsounD daemon. Install audiofile if you are installing EsounD or you need an API...

[SECURITY] Fedora 38 Update: audiofile-0.3.6-36.fc38

The Audio File library is an implementation of the Audio File Library from SGI, which provides an API for accessing audio file formats like AIFF/AIFF-C, WAVE, and NeXT/Sun .snd/.au files. This library is used by the EsounD daemon. Install audiofile if you are installing EsounD or you need an API...

Fedora: Security Advisory for audiofile (FEDORA-2023-07669abb35)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the MP4SdpAtom::Read() function in the atom_sdp.cpp component of the library for creating, modifying, and reading MP4 files, mp4v2, allows a malicious actor to cause a service failure.

The vulnerability of the MP4SdpAtom::Read function in the atomsdp.cpp component of the library for creating, modifying, and reading MP4 files in mp4v2 is related to a memory leak. Exploiting this vulnerability could allow an attacker to cause a service failure...