6 matches found
Design/Logic Flaw
In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...
CVE-2017-16544
In the addmatch function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code...
CVE-2017-15874
archival/libarchive/decompressunlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation...
Integer overflow
archival/libarchive/decompressunlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation...
CVE-2017-15874
archival/libarchive/decompressunlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation...
Integer overflow
The getnextblock function in archival/libarchive/decompressbunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation...