PT-2017-13078 · Tsk +1 · The Sleuth Kit +1

Name of the Vulnerable Software and Affected Versions: The Sleuth Kit TSK version 4.4.2 Description: The issue is triggered by opening a crafted disk image, leading to infinite recursion in the dos load ext table function in tsk/vs/dos.c in libtskvs.a, as demonstrated by mmls. Recommendations: Fo...

bind: Too long query name causes segmentation fault in lwresd

It was found that the lightweight resolver protocol implementation in BIND could enter an infinite recursion and crash when asked to resolve a query name which, when combined with a search list entry, exceeds the maximum allowable length. A remote attacker could use this flaw to crash lwresd or...

thrift: Infinite recursion via vectors involving the skip function

A vulnerability was discovered in Apache Thrift client libraries that allows remote, authenticated attackers to cause an infinite recursion via vectors involving the skip function; resulting in a denial of service DoS condition...

Qemu: usb: xhci infinite recursive call via xhci_kick_ep

QEMU aka Quick Emulator, when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service infinite recursive call via vectors involving control transfer descriptors sequencing...

The vulnerability of the crypto/ahash.c component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the crypto/ahash.c component in the Linux operating system is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability allows a remote attacker to cause a service failure the API interface calls its own callback and triggers infinit...

About the security content of tvOS 10.2 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...

Design/Logic Flaw

The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service infinite recursion via vectors involving the skip function...

CVE-2015-3254

Apache Thrift client libraries before 0.9.3 are affected by CVE-2015-3254, which could allow a remote authenticated user to trigger a denial of service via infinite recursion in the skip function. Impact is a partial denial of service (availability affected) with network access and no confidentia...

CVE-2015-3254

Removed by vendor...

PT-2017-6654 · Apache +1 · Apache Thrift +1

Name of the Vulnerable Software and Affected Versions: Apache Thrift versions prior to 0.9.3 Description: The issue allows remote authenticated users to cause a denial of service, specifically through infinite recursion, by exploiting vectors related to the skip function. Recommendations: For...

QPDF 'libqpdf/QPDFObjectHandle.cc' Denial of Service Vulnerability

QPDF is a command line program capable of structuring PDFs. The program can encrypt PDF files, analyze or change the internal structure of PDF files. A denial of service vulnerability exists in the libqpdf.a file in QPDF version 6.0.0. A remote attacker can exploit this vulnerability to cause a...

QPDF Denial of Service Vulnerability (CNVD-2017-08102)

QPDF is a command line program capable of structuring PDFs. The program can encrypt PDF files, analyze or change the internal structure of PDF files. A denial of service vulnerability exists in the libqpdf.a file in QPDF version 6.0.0. A remote attacker can exploit this vulnerability to cause a...

QPDF Denial of Service Vulnerability

QPDF is a command line program capable of structuring PDFs. The program can encrypt PDF files, analyze or change the internal structure of PDF files. A denial of service vulnerability exists in the libqpdf.a file in QPDF version 6.0.0. A remote attacker can exploit this vulnerability to cause a...

CVE-2017-9209

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2...

CVE-2017-9208

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1...

CVE-2017-9209

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2...

CVE-2017-9210

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3...

DEBIAN-CVE-2017-9210

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3...

ALPINE-CVE-2017-9208

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1...

DEBIAN-CVE-2017-9209

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service infinite recursion and stack consumption via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2...