SUSE CVE-2011-5268

connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service file descriptor consumption and crash via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550. NOTE: this issue was SPLIT from CVE-2013-4550 becaus...

SUSE CVE-2018-6560

In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon...

PT-2023-14754 · Apache · Mime4J

Name of the Vulnerable Software and Affected Versions: Apache James MIME4J versions prior to 0.8.9 Description: Unproper laxist permissions on the temporary files used by MIME4J TempFileStorageProvider may lead to information disclosure to other local users. Recommendations: For Apache James MIME...

CVE-2013-4550

Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an unspecified impact via a failed SSL handshake, a...

security flaw

Integer overflow in the WP6GeneralTextPacket::readContents function in WordPerfect Document importer/exporter libwpd before 0.8.9 allows user-assisted remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a crafted WordPerfect file, a different...