77 matches found
EUVD-2021-22575
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-12613
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may...
CVE-2017-12613 affecting package apr for versions less than 1.6.3-1
CVE-2017-12613 affecting package apr for versions less than 1.6.3-1. A patched version of the package is available...
RHEL 6 : httpd24-apr (RHSA-2018:0316)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0316 advisory. The Apache Portable Runtime APR is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data...
RHEL 5 : apr (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apr: Out-of-bounds array deref in aprtimeexp functions CVE-2017-12613 - tables/aprhash.c in the Apache...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerability in APR-util (CVE-2017-12613)
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerability in APR-util. Vulnerability Details CVEID: CVE-2017-12613 DESCRIPTION: Apache Portable Runtime APR could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds array...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager IP Edition (CVE-2017-12613).
Summary IBM WebSphere Application Server is shipped with IBM Tivoli Network Manager IP Edition versions 3.9 and 4.1.1; IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting IBM HTTP Server...
Amazon Linux 2023 : apr, apr-devel (ALAS2023-2023-016)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-016 advisory. An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x...
K52319810: Apache Portable Runtime vulnerability CVE-2017-12613
Security Advisory Description When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an aprtimeexpt value, potentially revealing the contents of a...
SUSE CVE-2017-12613
When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an aprtimeexpt value, potentially revealing the contents of a different static heap value or...
Slackware: Security Advisory (SSA:2023-032-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[slackware-security] apr
New apr packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/apr-1.7.2-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Integer Overflow or Wraparound vulnerability in aprencode...
Slackware Linux 15.0 / current apr Multiple Vulnerabilities (SSA:2023-032-01)
The version of apr installed on the remote host is prior to 1.7.2. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-032-01 advisory. - When aprtimeexp or aprosexptime functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 a...
Out-Of-Bounds Read
An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue...
Format string
An out-of-bounds array read in the aprtimeexp functions was fixed in the Apache Portable Runtime 1.6.3 release CVE-2017-12613. The fix for this issue was not carried forward to the APR 1.7.x branch, and hence version 1.7.0 regressed compared to 1.6.3 and is vulnerable to the same issue...
SUSE: Security Advisory (SUSE-SU-2018:1322-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:1196-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2021-1097 apr security update
Security Fixes: An out-of-bounds array dereference was found in aprtimeexpget. An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.CVE-2017-12613...
Huawei EulerOS: Security Advisory for apr (EulerOS-SA-2017-1303)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for apr (EulerOS-SA-2017-1304)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...