14 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-17440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GNU Libextractor 1.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted GIF, IT Impulse Tracker,...
Ubuntu: Security Advisory (USN-4641-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS : libextractor vulnerabilities (USN-4641-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4641-1 advisory. It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service...
USN-4641-1: libextractor vulnerabilities
It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. CVE-2017-15266 It was discovered that Libextractor incorrectly handled certain FLAC metadata. An attacker could possibly use this issue to cause a deni...
USN-4641-1 libextractor vulnerabilities
It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. CVE-2017-15266 It was discovered that Libextractor incorrectly handled certain FLAC metadata. An attacker could possibly use this issue to cause a deni...
[ASA-201807-16] libextractor: denial of service
Arch Linux Security Advisory ASA-201807-16 ========================================== Severity: Medium Date : 2018-07-26 CVE-ID : CVE-2017-17440 Package : libextractor Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-541 Summary ======= The package libextractor befo...
Fedora 27 : libextractor (2017-354b9647ba)
Patch for CVE-2017-17440 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Updated libextractor packages fix security vulnerability
GNU Libextractor 1.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted GIF, IT Impulse Tracker, NSFE, S3M Scream Tracker 3, SID, or XM eXtended Module file, as demonstrated by the EXTRACTORxmextractmethod function in...
Fedora 26 : libextractor (2017-0f3270406c)
Patch for CVE-2017-17440 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
CVE-2017-17440
GNU Libextractor 1.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted GIF, IT Impulse Tracker, NSFE, S3M Scream Tracker 3, SID, or XM eXtended Module file, as demonstrated by the EXTRACTORxmextractmethod function in...
CVE-2017-17440
GNU Libextractor 1.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted GIF, IT Impulse Tracker, NSFE, S3M Scream Tracker 3, SID, or XM eXtended Module file, as demonstrated by the EXTRACTORxmextractmethod function in...
CVE-2017-17440
CVE-2017-17440 affects GNU Libextractor 1.6, where processing crafted GIF, IT, NSFE, S3M, SID, or XM files can trigger a NULL pointer dereference and crash (denial of service). Multiple advisories confirm the vulnerability in Libextractor 1.6 and note upstream fixes; a Debian/Arch/Mageia/Fedora/U...
CVE-2017-17440
GNU Libextractor 1.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted GIF, IT Impulse Tracker, NSFE, S3M Scream Tracker 3, SID, or XM eXtended Module file, as demonstrated by the EXTRACTORxmextractmethod function in...
CVE-2017-17440
GNU Libextractor 1.6 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via a crafted GIF, IT Impulse Tracker, NSFE, S3M Scream Tracker 3, SID, or XM eXtended Module file, as demonstrated by the EXTRACTORxmextractmethod function in...