107 matches found
PT-2021-7822 · Xmill · Xmill
Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: A stack-based buffer overflow issue exists in the command-line-parsing HandleFileArg functionality. The filepattern argument, which is under user control, is passed to strcpy without length checks, leading to a...
AT&T Labs Xmill 缓冲区错误漏洞
AT&T Labs Xmill is a new tool for efficiently compressing XML data from AT&T Labs, USA. A security vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem function in AT&T Labs Xmill version 0.7. An attacker could exploit the vulnerability to remotely execute code...
PT-2021-7814 · Xmill · Xmill
Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: A memory corruption issue exists in the XML-parsing CreateLabelOrAttrib functionality. This can be triggered by a specially crafted XML file, leading to a heap buffer overflow. An attacker can exploit this by...
AT&T Labs Xmill XML parsing ParseAttribs memory corruption vulnerability
Summary A memory corruption vulnerability exists in the XML-parsing ParseAttribs functionality of AT&T Labs’ Xmill 0.7. A specially crafted XML file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions AT&T Labs Xmill 0.7...
PT-2021-7820 · At&T · At&T Labs Xmill
Name of the Vulnerable Software and Affected Versions: AT&T Labs Xmill version 0.7 Description: A heap-based buffer overflow issue exists in the XML Decompression DecodeTreeBlock functionality. Within DecodeTreeBlock, which is called during the decompression of an XMI file, a UINT32 is loaded fro...
PT-2021-7765 · Xmill · Xmill
Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: The issue is related to a heap-based buffer overflow error in the Decompression EnumerationUncompressor::UncompressItem function when handling XML files. This can be exploited by a remote attacker to execute...
PT-2021-7816 · Xmill · Xmill
Name of the Vulnerable Software and Affected Versions: Xmill version 0.7 Description: A heap-based buffer overflow issue exists in the XML Decompression LabelDict::Load functionality. This can be triggered by a specially crafted XMI file, potentially leading to remote code execution. An attacker...