36 matches found
CVE-2016-9888
An error within the "tardirectoryforfile" function gsf-infile-tar.c in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file...
CVE-2016-9888
The CVE-2016-9888 vulnerability affects GNOME Structured File Library (libgsf) before 1.14.41. The issue arises in tar_directory_for_file() within gsf-infile-tar.c, where a crafted TAR file can trigger a NULL pointer dereference, leading to a crash. Multiple connected advisories confirm the affec...
CVE-2016-9888
An error within the "tardirectoryforfile" function gsf-infile-tar.c in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file...
CVE-2016-9888
An error within the "tardirectoryforfile" function gsf-infile-tar.c in GNOME Structured File Library before 1.14.41 can be exploited to trigger a Null pointer dereference and subsequently cause a crash via a crafted TAR file...
Oracle Linux 3 / 4 : libgsf (ELSA-2007-0011)
From Red Hat Security Advisory 2007:0011 : Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and writing...
RHEL 3 / 4 : libgsf (RHSA-2007:0011)
Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and writing structured file formats. A heap based buff...
CentOS 3 / 4 : libgsf (CESA-2007:0011)
Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and writing structured file formats. A heap based buff...
libgsf security update
CentOS Errata and Security Advisory CESA-2007:0011 Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and...
Moderate: Red Hat Security Advisory: libgsf security update
Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and writing structured file formats. A heap based buff...
security flaw
Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...
LibGSF远程堆溢出漏洞
GNOME Structured File Library是一款勇于读取和写结构文件格式的工具库 GNOME Structured File Library存在堆溢出问题,远程攻击者可以利用漏洞以链接此库的应用程序进程权限执行任意指令。 问题存在于'oleinitinfo'函数中,此函数当分配内存时只分配'numbat'指定的数目大小,当读取文件内容时,'nummetabat'指定的数目用于循环的边界,由于不正确的对变量进行验证,可导致堆溢出,精心构建恶意文件内容。诱使用户解析,可以链接此库的应用程序进程权限执行任意指令。 libgsf libgsf 1.14.1 libgsf libg...
iDefense Security Advisory 11.30.06: Multiple Vendor libgsf Heap Overflow Vulnerability
Multiple Vendor libgsf Heap Overflow Vulnerability iDefense Security Advisory 11.30.06 http://labs.idefense.com/intelligence/vulnerabilities/ Nov 30, 2006 I. BACKGROUND The GNOME Structured File Library is a utility library for reading and writing structured file formats. This library replaces...
CVE-2006-4514
Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...
CVE-2006-4514
Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...
CVE-2006-4514
Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...
CVE-2006-4514
Heap-based buffer overflow in the oleinforeadmetabat function in Gnome Structured File library libgsf 1.14.0, and other versions before 1.14.2, allows context-dependent attackers to execute arbitrary code via a large nummetabat value in an OLE document, which causes the oleinitinfo function to...