CVE-2018-7453

Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml...

Xpdf 'AcroForm::scanField' function denial of service vulnerability

Xpdf is an open source PDF reader , it supports decoding LZW compressed format files as well as reading encrypted PDF files . Xpdf 4.00 version of the AcroForm.cc file of the 'AcroForm::scanField' function has a security vulnerability, the vulnerability stems from the program lack of loop...

PT-2018-3977 · Foolabs +2 · Xpdf +2

Name of the Vulnerable Software and Affected Versions: xpdf version 4.00 Description: The issue is related to infinite recursion in the AcroForm::scanField function in AcroForm.cc, which can be exploited to launch a denial of service attack via a specific pdf file due to the lack of loop checking...

CCN-lite Infinite Recursion Vulnerability

CCN-lite is a lightweight and functionally interoperable implementation of the CCNx protocol for XEROX PARC. An infinite recursion vulnerability exists in ccn-lite-ccnb2xml in versions of CCN-lite prior to 2.0.0. An attacker can exploit this vulnerability via a specially crafted file to trigger...

CVE-2017-12412

ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow...

CVE-2017-12412

ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow...

ALPINE-CVE-2018-6196

w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feedtableblocktag function in table.c does not prevent a negative indent value...

Design/Logic Flaw

w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feedtableblocktag function in table.c does not prevent a negative indent value...

CVE-2018-6196

w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feedtableblocktag function in table.c does not prevent a negative indent value...

CVE-2018-6196

w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feedtableblocktag function in table.c does not prevent a negative indent value...

w3m infinite recursion vulnerability

w3m is an open source text-based Web browser . A security vulnerability exists in HTMLlineproc0 in w3m 0.5.3 and earlier versions, which stems from the program's failure to limit negative indentation values. An attacker can exploit this vulnerability to cause a denial of service infinite recursio...

CVE-2018-6196

w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feedtableblocktag function in table.c does not prevent a negative indent value...

UBUNTU-CVE-2018-6196

w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feedtableblocktag function in table.c does not prevent a negative indent value...

jQuery Denial of Service Vulnerability

jQuery is an American programmer John Resig developed a set of open source , cross-browser JavaScript library . The library simplifies the operation between HTML and JavaScript , and has a modular , plug-in extensions and other features . A denial of service vulnerability exists in versions of...

CVE-2016-10707

jQuery 3.0.0-rc.1 is vulnerable to Denial of Service DoS due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit...

PT-2018-4879 · Jquery · Jquery

Name of the Vulnerable Software and Affected Versions: jquery versions 3.0.0-rc.1 Description: The issue arises due to the removal of logic that lowercased attribute names, leading to an infinite recursion when attribute getters use mixed-cased names for boolean attributes. This results in...

Debian DLA-1194-1 : libxml2 security update

CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a '%' character in a DTD name. CVE-2017-16932 parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in paramet...

[SECURITY] [DLA 1194-1] libxml2 security update

Package : libxml2 Version : 2.8.0+dfsg1-7+wheezy11 CVE ID : CVE-2017-16931 CVE-2017-16932 CVE-2017-16931 parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the case of a % character in a DTD name...

CVE-2017-16932

parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities...

CVE-2017-16932

parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities...