516 matches found
CVE-2017-1000211
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTMLputstring can append a chunk onto itself...
Lynx 'HTML.c:HTML_put_string()' memory misreference vulnerability
Lynx is a text-only web browser. html parser is one of the HTML parsers. A memory misreference vulnerability exists in Lynx 'HTML.c:HTMLputstring'. An attacker could exploit this vulnerability to cause a memory leak...
Debian DLA-1175-1 : lynx-cur security update
It was discovered that there was a use-after-free vulnerability in the HTML parser of lynx-cur, a terminal-based web browser. This could have led to memory/information disclosure. For Debian 7 'Wheezy', this issue has been fixed in lynx-cur version 2.8.8dev.12-2+deb7u2. We recommend that you...
[SECURITY] [DLA 1175-1] lynx-cur security update
Package : lynx-cur Version : 2.8.8dev.12-2+deb7u2 CVE ID : CVE-2017-1000211 It was discovered that there was a use-after-free vulnerability in the HTML parser of lynx-cur, a terminal-based web browser. This could have led to memory/information disclosure. For Debian 7 "Wheezy", this issue has bee...
CVE-2017-1000211
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTMLputstring can append a chunk onto itself...
DEBIAN-CVE-2017-1000211
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTMLputstring can append a chunk onto itself...
CVE-2017-1000211
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTMLputstring can append a chunk onto itself...
Design/Logic Flaw
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTMLputstring can append a chunk onto itself...
UBUNTU-CVE-2017-1000211
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTMLputstring can append a chunk onto itself...
CVE-2017-1000211
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTMLputstring can append a chunk onto itself...
CVE-2017-1000211
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTMLputstring can append a chunk onto itself...
CVE-2017-1000211
CVE-2017-1000211 affects Lynx up to 2.8.9dev.16, where a use-after-free in the HTML parser (HTML_put_string) can lead to memory disclosure. The issue is triggered by the parser potentially appending a chunk to itself, enabling memory disclosure on affected builds. Reported in multiple advisories ...
CVE-2017-1000211
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTMLputstring can append a chunk onto itself...
Cloudflare CTO Goes Inside the Cloudbleed Bug
MADRID—John Graham-Cumming presided over a confessional Wednesday at Virus Bulletin 2017. Cloudflare’s chief technology officer was frank and apologetic about February’s Cloudbleed bug, which leaked memory from the content delivery network that included internal private keys and authentication...
libxml2 Denial of Service Vulnerability (CNVD-2017-07341)
Libxml2 is an XML C parser and toolkit developed for the Gnome project but available outside of the Gnome platform, and it is free software under the MIT license. A denial of service vulnerability exists in the htmlParseTryOrFinish function in HTMLparser.c in libxml2. A remote attacker could...
UBUNTU-CVE-2017-8872
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service buffer over-read or information disclosure...
DEBIAN-CVE-2017-8872
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service buffer over-read or information disclosure...
CVE-2017-8872
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service buffer over-read or information disclosure...
CVE-2017-8872
The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service buffer over-read or information disclosure...
openSUSE Security Update : Mozilla Thunderbird (openSUSE-2016-848)
This update contains Mozilla Thunderbird 45.2. boo983549 It fixes security issues mostly affecting the e-mail program when used in a browser context, such as viewing a web page or HTMl formatted e-mail. The following vulnerabilities were fixed : - CVE-2016-2818, CVE-2016-2815: Memory safety bugs...