1104 matches found
UBUNTU-CVE-2018-17985
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many 'P' characters...
CVE-2018-17985
CVE-2018-17985 is a stack consumption vulnerability in GNU Binutils (libiberty), observed in cp-demangle.c with cplus_demangle_type performing recursive calls when many 'P' characters occur. The Astra Linux advisory mirrors this description, noting the issue in Binutils 2.31. The provided documen...
CVE-2018-17985
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many 'P' characters...
CVE-2018-17581
CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...
Design/Logic Flaw
CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...
PYSEC-2018-139
CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...
CVE-2018-17581
CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...
CVE-2018-17581
CVE-2018-17581 is associated with Exiv2 0.26. The vulnerability arises from excessive stack consumption caused by a recursive function in CiffDirectory::readDirectory() implemented in crwimage_int.cpp, leading to a denial of service. The connected documents corroborate a DoS impact for this CVE, ...
CVE-2018-17281
There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connecti...
CVE-2018-17281
There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connecti...
Stack overflow
There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connecti...
CVE-2018-17281
There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connecti...
CVE-2018-17281
CVE-2018-17281 affects the Asterisk res_http_websocket.so module and allows an attacker to crash Asterisk by sending a crafted HTTP Upgrade request to websocket. Affected: Asterisk up to 13.23.0, 14.7.x up to 14.7.7, 15.x up to 15.6.0, and Certified Asterisk up to 13.21-cert2. Consequences: denia...
CVE-2018-17281
There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connecti...
CVE-2018-17281
There is a stack consumption vulnerability in the reshttpwebsocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connecti...
Code injection
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453...
CVE-2018-16369
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453...
CVE-2018-16369
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service stack consumption via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE: this might overlap CVE-2018-7453...
CVE-2018-15671
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5Pgetcb in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service...
Denial of service
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5Pgetcb in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service...