CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

CVE-2017-16231

In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match in pcreexec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is use...

Design/Logic Flaw

An issue was discovered in Poppler 0.74.0. A recursive function call, in JBIG2Stream::readTextRegion located in JBIG2Stream.cc, can be triggered by sending a crafted pdf file to for example the pdfimages binary. It allows an attacker to cause Denial of Service Segmentation fault or possibly have...

CVE-2019-6245

An issue was discovered in Anti-Grain Geometry AGG 2.4 as used in SVG++ aka svgpp 1.2.3. In the function agg::cellaa::notequal, dx is assigned to x2 - x1. If dx = dxlimit, which is 16384 polysubpixelshift, this function will call itself recursively. There can be a situation where x2 - x1 is alway...

openSUSE Security Update : poppler (openSUSE-2017-883)

This update for poppler fixes the following issues : Security issues fixed : - CVE-2017-9775: DoS stack-based buffer overflow in GfxState.cc in pdftocairo via a crafted PDF document bsc1045719 - CVE-2017-9776: DoS integer overflow leading to heap buffer overflow in JBIG2Stream.cc via a crafted PD...

Qemu: usb: xhci infinite recursive call via xhci_kick_ep

QEMU aka Quick Emulator, when built with USB xHCI controller emulator support, allows local guest OS privileged users to cause a denial of service infinite recursive call via vectors involving control transfer descriptors sequencing...

Internet Bug Bounty: imagefilltoborder stackoverflow on truecolor images

Upstream Bug --- https://bugs.php.net/bug.php?id=72696 Summary -- Invalid color causes stack exhaustion by recursive call to function gdImageFillToBorder when the image used is truecolor. This was tested on a 64 bits platform. GDB debugging -- gdb -q --args /home/operac/php-70-sinasan/sapi/cli/ph...

Code injection

An issue was discovered in Asterisk Open Source 13.12.x and 13.13.x before 13.13.1 and 14.x before 14.2.1. If an SDP offer or answer is received with the Opus codec and with the format parameters separated using a space the code responsible for parsing will recursively call itself until it crashe...

Oracle OIT IX SDK libvs_pdf Root xref Denial of Service Vulnerabiity

Talos Vulnerability Report TALOS-2016-0099 Oracle OIT IX SDK libvspdf Root xref Denial of Service Vulnerabiity July 19, 2016 CVE Number CVE-2016-3577 DESCRIPTION A stack overflow leading to a crash due to unbounded recusive function call is present in the PDF file format parsing code of the IX SD...

Oracle Linux 5 : kernel (ELSA-2013-1034)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2013-1034 advisory. - Revert: kernel kmod: make requestmodule killable Frantisek Hrbata 858752 858753 CVE-2012-4398 - Revert: kernel kmod: avoid deadlock from recursive km...

SuSE 11.1 Security Update : Mozillla Firefox (SAT Patch Number 4104)

Mozilla Firefox has been updated to version 3.6.15, fixing the following security issues : - Several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products have been identified and fixed. Some of these bugs showed evidence of memory corruption under certain...