1146 matches found
DEBIAN-CVE-2015-8389
PCRE before 8.38 mishandles the /?:|a|100x/ pattern and related patterns, which allows remote attackers to cause a denial of service infinite recursion or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konquero...
PCRE Denial of Service Vulnerability (CNVD-2015-07884)
PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. A security vulnerability exists in PCRE versions prior to 8.38, which stems from the program's failure to properly handle the '/? :|a|100x...
pcre: infinite recursion compiling pattern with zero-repeated groups that include recursive back reference (8.36/19)
PCRE before 8.36 mishandles the /a\2|a\g/ pattern and related patterns with certain internal recursive back references, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a...
CVE-2006-6297
Stack consumption vulnerability in the KFILE JPEG kfilejpeg plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service stack consumption via a crafted EXIF section in a JPEG file, which results in an infinite recursio...
The vulnerability of the Internet Information Services software allows a perpetrator to cause service failures.
The Internet Information Services software package contains a vulnerability in the ftpsvc2.dll module, located in the C:\Windows\system32\inetsrv directory. Using this module causes exhaustion of the stack when processing a special command argument “LIST”. This occurs due to a recursive function...
kernel: udf: Avoid infinite loop when processing indirect ICBs
A stack overflow flaw caused by infinite recursion was found in the way the Linux kernel's Universal Disk Format UDF file system implementation processed indirect Information Control Blocks ICBs. An attacker with physical access to the system could use a specially crafted UDF image to crash the...
SuSE 11.3 Security Update : perl (SAT Patch Number 9858)
This update fixes a memory leak and an infinite recursion in Data::Dumper. CVE-2014-4330 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc. if...
SUSE-RU-2015:0562-1 Security update for perl
This update fixes a memory leak and an infinite recursion in Data::Dumper. CVE-2014-4330 Security Issues: CVE-2014-4330...
Linux Kernel 2.6.x NETLINK_FIB_LOOKUP Local Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23677/info The Linux kernel is prone to a denial-of-service vulnerability. This issue presents itself when a NETLINK message is misrouted. A local attacker may exploit this issue to trigger an infinite-recursion stack-bas...
openSUSE Security Update : gpg2 (openSUSE-SU-2013:1546-1)
gpg2 was updated to fix a denial of service attack through infinite recursion in the compressed packet parser bnc844175 CVE-2013-4402. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Mandriva Linux Security Advisory : file (MDVSA-2014:051)
Updated file package fixes security vulnerability : It was discovered that file before 5.17 contains a flaw in the handling of indirect magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files CVE-2014-1943. Additionally,...
MGASA-2014-0092 Updated file package fixes security vulnerability
It was discovered that file before 5.17 contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files CVE-2014-1943. Additionally, other well-crafted files might result in long...
Updated file package fixes security vulnerability
It was discovered that file before 5.17 contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files CVE-2014-1943. Additionally, other well-crafted files might result in long...
CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
DEBIAN-CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
CVE-2014-1943
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...
CVE-2014-1943
CVE-2014-1943 affects the file(1) utility and its libmagic component. A crafted indirect offset value in the file(1) magic can cause context-dependent attackers to trigger infinite recursion, CPU exhaustion, and a crash, i.e., denial of service. The vulnerability is described as applicable to fil...
[SECURITY] [DSA 2861-1] file security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2861-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso February 16, 2014 http://www.debian.org/security/faq -...
file -- denial of service
The Fine Free file project reports: file before 5.17 allows context-dependent attackers to cause a denial of service infinite recursion, CPU consumption, and crash via a crafted indirect offset value in the magic of a file...