10 matches found
EUVD-2017-11951
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-2808
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a...
SUSE CVE-2017-2808
An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger this...
Remote Code Execution (RCE)
ledger:eoan is vulnerable to remote code execution RCE. An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a...
Ledger-CLI Account Resolution Memory Misreference Vulnerability
Ledger is an accounting system that supports UNIX commands. A memory misreference vulnerability in Ledger-CLI account parsing allows remote attackers to exploit the vulnerability by submitting a journal file and tricking a user into parsing it, which could crash the application or execute arbitra...
CVE-2017-2808
An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger this...
DEBIAN-CVE-2017-2808
An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger this...
UBUNTU-CVE-2017-2808
An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger this...
CVE-2017-2808
An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger this...
Design/Logic Flaw
An exploitable use-after-free vulnerability exists in the account parsing component of the Ledger-CLI 3.1.1. A specially crafted ledger file can cause a use-after-free vulnerability resulting in arbitrary code execution. An attacker can convince a user to load a journal file to trigger this...