
409 matches found

CNVD
added 2017/06/27 12:0 a.m. · 2 views

lrzip 'get_fileinfo' function stack overflow vulnerability

lrzip is an open source compression utility for large files. A stack overflow vulnerability exists in the lrzip 'get_fileinfo' function, which allows remote attackers to exploit the vulnerability by submitting a special file and tricking the user into parsing it, which can crash the application...

CVSS 5.5 · AI score 7.2 · EPSS 0.01008
Exploits: 0 · References: 1
CNVD
added 2017/06/27 12:0 a.m. · 1 view

lrzip 'get_fileinfo' function stack overflow vulnerability

lrzip is an open source compression utility for large files. A stack overflow vulnerability exists in the lrzip 'get_fileinfo' function, which allows remote attackers to exploit the vulnerability by submitting a special file and tricking the user into parsing it, which can crash the application...

CVSS 5.5 · AI score 7.2 · EPSS 0.01045
Exploits: 0 · References: 1
OSV
added 2017/06/26 7:29 a.m. · 1 view

DEBIAN-CVE-2017-9928

In lrzip 0.631, a stack buffer overflow was found in the function get_fileinfo in lrzip.c:979, which allows attackers to cause a denial of service via a crafted file...

CVSS 5.5 · AI score 7 · EPSS 0.01008
Exploits: 0 · References: 1
Positive Technologies
added 2017/06/26 12:0 a.m. · 2 views

PT-2017-19292 · Lrzip +1

Name of the Vulnerable Software and Affected Versions: lrzip version 0.631 Description: A stack buffer overflow was found in the get_fileinfo function in lrzip.c at line 1074, which allows attackers to cause a denial of service via a crafted file. Recommendations: For lrzip version 0.631, conside...

CVSS 9.8 · AI score 6.1 · EPSS 0.02485
Exploits: 6 · References: 48
Positive Technologies
added 2017/06/26 12:0 a.m. · 2 views

PT-2017-19291 · Lrzip +1

Name of the Vulnerable Software and Affected Versions: lrzip version 0.631 Description: A stack buffer overflow was found in the get_fileinfo function in lrzip.c, which allows attackers to cause a denial of service via a crafted file. Recommendations: For lrzip version 0.631, as a temporary...

CVSS 9.8 · AI score 6.2 · EPSS 0.02485
Exploits: 6 · References: 48
RedHat Linux
added 2016/11/15 11:40 a.m. · 3 views

file: Buffer over-write in finfo_open with malformed magic file

The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5, mishandles continuation-level jumps, which allows context-dependent attackers to cause a denial of service buffer overflow and application...

CVSS 7.5 · AI score 7.8 · EPSS 0.04985
Exploits: 1 · References: 4
OpenVAS
added 2016/08/31 12:0 a.m. · 45 views

PHP < 5.6.0 DoS Vulnerability - Linux

PHP is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

CVSS 7.5 · AI score 7.6 · EPSS 0.02543
Exploits: 0 · References: 2
exploitpack
added 2016/07/26 12:0 a.m. · 39 views

PHP File Vault 0.9 - Directory Traversal

PHP File Vault 0.9 - Directory Traversal. PHP File Vault version 0.9, remote directory traversal and read file vulnerability. Discovered by NA, NAattutanota.com. Description...

AI score 0.6
Exploits: 0
BDU FSTEC
added 2016/07/07 12:0 a.m. · 3 views

The vulnerability of the PHP interpreter allows a remote attacker to gain access to memory areas beyond the application’s boundaries, or cause the application to terminate abnormally.

The vulnerability of the PHP interpreter in the mconvert function located in the Fileinfo component’s script, softmagic.c causes an error in the pointer to the field that stores the length of the string under certain copy scenarios. As a result, a malicious actor can gain access to memory areas...

CVSS 5 · AI score 6.7 · EPSS 0.05489
Exploits: 0 · References: 3 · Affected Software: 1
BDU FSTEC
added 2016/07/06 12:0 a.m. · 3 views

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

A vulnerability exists in the cdf_count_chain function in the cdf.c file of the Fileinfo component in PHP, due to improper data validation for the sector counters. Exploitation of this vulnerability allows malicious actors to induce a service failure (abnormal termination of the application) by using...

CVSS 4.3 · AI score 7.4 · EPSS 0.11481
Exploits: 0 · References: 4 · Affected Software: 1
BDU FSTEC
added 2016/07/06 12:0 a.m. · 6 views

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

Overfilling the buffer in the mconvert function in softmagic.c, within the Fileinfo component for PHP, allows malicious individuals operating remotely to cause a service failure (abrupt termination of the application), by using specially crafted strings in the FILE_PSTRING transformations...

CVSS 5 · AI score 7.7 · EPSS 0.15176
Exploits: 1 · References: 5 · Affected Software: 1
BDU FSTEC
added 2016/07/06 12:0 a.m. · 3 views

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

A vulnerability exists in the cdf_check_stream_offset function in the cdf.c file of the Fileinfo component in PHP, due to the use of incorrect sector size data. Exploiting this vulnerability allows malicious actors to cause a service failure (abnormal termination of the application) by utilizing a...

CVSS 4.3 · AI score 7.4 · EPSS 0.14927
Exploits: 0 · References: 4 · Affected Software: 1
BDU FSTEC
added 2016/07/06 12:0 a.m. · 4 views

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

The vulnerability in the cdf_read_short_sector function in the cdf.c file of the Fileinfo component in PHP allows malicious actors operating remotely to trigger a service failure (a denial-of-service attack) by using specially crafted CDF files...

CVSS 4.3 · AI score 7.5 · EPSS 0.16853
Exploits: 0 · References: 4 · Affected Software: 1
BDU FSTEC
added 2016/07/06 12:0 a.m. · 3 views

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

A numerical overflow in the cdf_read_property_info function in the cdf.c file of the Fileinfo component in PHP allows malicious actors operating remotely to cause a service failure (abrupt termination of the application) by using a specially crafted CDF file...

CVSS 4.3 · AI score 7.5 · EPSS 0.20237
Exploits: 1 · References: 4 · Affected Software: 1
BDU FSTEC
added 2016/07/06 12:0 a.m. · 2 views

The vulnerability of the PHP interpreter allows a remote attacker to trigger a service failure or cause other effects on the system.

The vulnerability of the PHP interpreter in the file module fileinfo for the Fileinfo component lies in the incomplete reading of available data during a pread call. Exploiting this vulnerability allows an attacker to cause service failures by accessing uninitialized memory, or to otherwise affec...

CVSS 7.5 · AI score 7.4 · EPSS 0.04681
Exploits: 0 · References: 3 · Affected Software: 1
BDU FSTEC
added 2016/07/06 12:0 a.m. · 3 views

Vulnerability of PHP software, allowing a malicious actor to compromise the accessibility of protected information

A vulnerability exists in the cdf_read_property_info function of the Fileinfo component’s file in PHP, due to improper flow control. Exploitation of this vulnerability allows malicious actors to cause a service failure (abnormal termination of the application) by using specially crafted CDF files...

CVSS 4.3 · AI score 7.4 · EPSS 0.14927
Exploits: 0 · References: 4 · Affected Software: 1
BDU FSTEC
added 2016/07/05 12:0 a.m. · 3 views

The vulnerability of the PHP interpreter, which allows a malicious attacker to trigger a service failure

The cdf_read_property_info function in the cdf.c library of the Fileinfo component of the PHP interpreter has a vulnerability that allows a malicious actor to trigger a service denial using a specially created CDF file...

CVSS 5 · AI score 7.4 · EPSS 0.20805
Exploits: 0 · References: 3 · Affected Software: 1
BDU FSTEC
added 2016/05/31 12:0 a.m. · 3 views

The vulnerability of the PHP interpreter allows attackers to trigger a service failure or execute arbitrary code.

The vulnerability of the mcopy function in the Fileinfo component of the PHP interpreter exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to cause service failure (termination of the application) or execute arbitrary code using a...

CVSS 5 · AI score 7.2 · EPSS 0.0739
Exploits: 1 · References: 5 · Affected Software: 1
BDU FSTEC
added 2016/05/31 12:0 a.m. · 2 views

The vulnerability of the PHP interpreter allows attackers to trigger a service failure or execute arbitrary code.

The vulnerability of the mget function in the Fileinfo component of the PHP interpreter exists due to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to cause a service failure (application termination) or execute arbitrary code using a specially created...

CVSS 5 · AI score 7.2 · EPSS 0.0739
Exploits: 1 · References: 5 · Affected Software: 1
OpenVAS
added 2016/05/25 12:0 a.m. · 82 views

Ubuntu: Security Advisory (USN-2984-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 · AI score 8.1 · EPSS 0.57608
Exploits: 22 · References: 2