Code injection

Array index error in smaldecodesegment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes...

CVE-2015-8366

CVE-2015-8366 : In LibRaw, an array index error in the smal_decode_segment function prior to 0.17.1 can enable context-dependent attackers to trigger memory errors and possibly execute arbitrary code via index-related vectors. Several connected sources confirm the issue is tied to LibRaw before 0...

CVE-2015-8366

Array index error in smaldecodesegment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes...

CVE-2015-8366

Array index error in smaldecodesegment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes...

CVE-2008-0073

Array index error in the sdpplinparse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter...

CVE-2019-12259

Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component. There is an IPNET security vulnerability: DoS via NULL dereference in IGMP parsing...

CVE-2019-2326

The CVE-2019-2326 issue affects a wide range of Qualcomm Snapdragon families. Data tokens from ADSP are used without validation as an index into an array, causing out-of-bounds access in components across Snapdragon Auto, Compute, Connectivity, IOT variants, Wearables, and related SDM/SDX platfor...

EulerOS Virtualization 3.0.1.0 : cvs (EulerOS-SA-2019-1455)

According to the version of the cvs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Array index error in the applyrcschange function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containin...

Arbitrary Code Execution

kernel-rt is vulnerable to arbitrary code execution. The vulnerability exists as an array index error in the logidjrawevent function could allow physical attackers to execute arbitrary code through the value of REPORTTYPENOTIFDEVICEUNPAIRED...

Denial Of Service

PostgreSQL is vulnerable to denial of service DoS attack. The attack exists because of failure to have proper the enumrecv function declaration in backend/utils/adt/enum.c causes an array index error, leading to a heap-based out-of-bounds buffer read flaw. Therefore, an unprivileged database user...

Denial Of Service (DoS)

php is vulnerable to denial of service DoS attacks. The vulnerability exists through an Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD...

Denial Of Service (DoS)

net-snmp is vulnerable to denial of service DoS attacks. The vulnerability exists through an array index error in the handlensExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service out-of-bounds read and snmpd...

SUSE SLED12 / SLES12 Security Update : transfig (SUSE-SU-2018:0231-1)

This update for transfig fixes the following issues: Security issue fixed : - CVE-2017-16899: Fix array index error in the fig2dev program bsc1069257. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted t...

SUSE-SU-2018:0232-1 Security update for transfig

This update for transfig fixes the following issues: Security issue fixed: - CVE-2017-16899: Fix array index error in the fig2dev program bsc1069257...

SUSE-SU-2018:0231-1 Security update for transfig

This update for transfig fixes the following issues: Security issue fixed: - CVE-2017-16899: Fix array index error in the fig2dev program bsc1069257...

CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...

CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...

Format string

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...

CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...

CVE-2017-16899

CVE-2017-16899 affects the Xfig figure conversion tool (fig2dev) in the fig2dev program, with an array index error related to a negative font value in dev/gentikz.c and in the read_textobject routines (read.c and read1_3.c). The vulnerability can allow remote attackers to cause a denial-of-servic...