Lucene search
K

107 matches found

Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.6 views

PT-2021-7822 · Xmill · Xmill

Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: A stack-based buffer overflow issue exists in the command-line-parsing HandleFileArg functionality. The filepattern argument, which is under user control, is passed to strcpy without length checks, leading to a...

7.8CVSS8.3AI score0.00333EPSS
Exploits1References8
CNNVD
CNNVD
added 2021/08/10 12:0 a.m.5 views

AT&T Labs Xmill 缓冲区错误漏洞

AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem function in AT&T Labs Xmill version 0.7. An attacker could exploit the vulnerability to remotely execute code...

9.8CVSS7.8AI score0.02545EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.6 views

PT-2021-7814 · Xmill · Xmill

Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: A memory corruption issue exists in the XML-parsing CreateLabelOrAttrib functionality. This can be triggered by a specially crafted XML file, leading to a heap buffer overflow. An attacker can exploit this by...

10CVSS8.6AI score0.01136EPSS
Exploits1References10
Talos
Talos
added 2021/08/10 12:0 a.m.39 views

AT&T Labs Xmill XML parsing ParseAttribs memory corruption vulnerability

Summary A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T Labs’ Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions AT&T Labs Xmill 0.7...

9.8CVSS9.3AI score0.01136EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2021/08/10 12:0 a.m.6 views

PT-2021-7820 · At&T · At&T Labs Xmill

Name of the Vulnerable Software and Affected Versions: AT&T Labs Xmill version 0.7 Description: A heap-based buffer overflow issue exists in the XML Decompression DecodeTreeBlock functionality. Within DecodeTreeBlock, which is called during the decompression of an XMI file, a UINT32 is loaded fro...

9.8CVSS8.6AI score0.01136EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2021/05/10 12:0 a.m.3 views

PT-2021-7765 · Xmill · Xmill

Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: The issue is related to a heap-based buffer overflow error in the Decompression EnumerationUncompressor::UncompressItem function when handling XML files. This can be exploited by a remote attacker to execute...

9.8CVSS8.7AI score0.02545EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2021/02/10 12:0 a.m.5 views

PT-2021-7816 · Xmill · Xmill

Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: A heap-based buffer overflow issue exists in the XML Decompression LabelDict::Load functionality. This can be triggered by a specially crafted XMI file, potentially leading to remote code execution. An attacker...

9.8CVSS8.7AI score0.02274EPSS
Exploits1References11
Rows per page
Query Builder